The Chilean government warned of ransomware attacks by a notorious hacker gang after its customs service handled an incident on Tuesday.
Officials from Chile’s Servicio Nacional de Aduanas – the government department responsible for foreign trade, imports and more – said Tuesday afternoon that they had managed to prevent the progression of a cyberattack after discovering the incident .
“After detecting a security incident on our IT teams, we took all the necessary preventive measures to avoid exposing our IT teams and systems to possible vulnerabilities,” they specify. said on several social media sites.
“All security measures and protocols established by the Ministry of the Interior and Public Safety’s Computer Security Incident Response Team (CSIRT) are already in place. Thanks to the work of our IT teams, this incident will not affect the operational continuity of the Service and we are taking all necessary measures to continue operating at the various checkpoints across the country.
In a follow-up message, the country’s Computer Security Incident Response Team (CSIRT) confirmed it was a ransomware attack and clarified that the incident involved the Black Basta ransomware group – which added dozens of new victims on its leak site this week.
Scope of attacks widens: BlackBasta adds two more Italian companies to its data leak site.
Interest (https://t.co/zYzrXSaieZ)
Piemme SpA (https://t.co/C2PzpfScUR)In both published attacks, samples containing many identifying documents are provided.… https://t.co/AFdnK1Bakl pic.twitter.com/jT5kLXjuI6
– Stefano Favarato (@StefanoFavarato) October 17, 2023
The CSIRT warned all government authorities in the country that the ransomware had been detected “in a limited part of the digital infrastructure of the National Customs Service”.
They urged all government agencies to verify that backup copies of systems are protected and separated from the rest of the network. Agencies must also audit the number of administrative accounts and, more generally, limit the number of people with administrative authorizations.
They proposed a series of other measures that should be taken as the government continues to monitor the network for any signs of further attack.
Chile has faced several cyberattacks and ransomware incidents over the past year. The CSIRT said last August that an unnamed government agency had been affected by the ransomware campaign. target Microsoft tools and VMware ESXi servers while their consumer protection agency announced that it was also hit by ransomware in April 2022.
The Large Millimeter Array at Atacama, one of the largest astronomical observatories in the world, was also hit by a cyber attack last year. Although it has never been confirmed, a ransomware gang leak documents stolen from the Chilean army in June.
The attack comes as U.S. officials ready to get together a ransomware task force was created later this month, made up of representatives from 45 countries. Top Biden administration officials want countries to commit to never paying ransoms associated with ransomware attacks.
Future saved
Intelligence cloud.
No previous articles
No new articles
Jonathan Greig
Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.