Government officials confirmed that Papua New Guinea’s finance ministry was hit by a ransomware attack that disrupted government payments and operations.
The ransomware infected the Department of Finance’s Integrated Financial Management System a week ago, said the finance minister and acting treasurer, John Pundari.
Pundari also added that the government didn’t pay a ransom to the threat actors and the system was recovered from backups.
The system was used to manage access to hundreds of millions of dollars in foreign aid money. The government was not able to pay cheques and ordinary operations were impacted.
“The government and the people of Papua New Guinea can be assured that the government financial services will continue as usual,” Pundari said. “The Department is conscious of the security and integrity of its data. Therefore restoration of services to all government agencies, including the sub-national level, will be done gradually, so as not to compromise or allow any further spread of this malware or other virus.”
As a precaution, the government blocked access to the affected network to sanitize the infected systems.
“The department has now managed to fully restore the system, however, because of the risk, we are playing safe by not allowing full usage of the affected network,” said Pundari.
At this time, the authorities did not provide details about the attack, such as the ransomware family involved ed if the department has suffered a data breach.
(SecurityAffairs – hacking, cybercrime)