Experts warn of ransomware attacks against government organizations of small states

Pierluigi Paganini May 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks.

Cyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the Costa Rican government that caused a nationwide crisis.

The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.

ransomware government organizations

Cyble researchers warn that cybercriminal organizations have changed tactics, switching from businesses to small states threatening to subvert government apparatus.

Small states are easy targets due to the low level of security of their critical infrastructure due to the low budget to protect them.

The notorious ransomware group Conti began targeting the Costa Rican government in April 2022. A similar attack was seen in May 2021, when the gang targeted Ireland’s publicly funded health care system and demanded a ransom of USD20 million.” reads the post published by Cyble. “The timing could be a pure coincidence; however, Conti was seemingly trying the same tactics with Costa Rica, but this time on a larger scale, shortly after a change in government in the country.

The Conti ransomware gang after the attack against Costa Rica also hit Peru. The experts also reported other ransomware attacks that hit government organizations in Latin America, including Brazilian and Peruvian government organizations.

“Cyble Research Labs conducted research over vulnerable instances of the Peruvian government’s cyberinfrastructure and identified 21 instances from 11 ministerial websites with the most exploited CVEs from 2021.” continues Cyble.

The researchers also reported the sale on underground cybercrime forums of data exfiltrated from the server of government organizations, including the Ministry of Energy & Natural Resources, the Federal Court of Malaysia, and the Department of Management Services under the Malaysian Ministry of Personnel & Organizational Development, the National Bank of Angola, the Civil Service Commission of Republic of Philippines.

The experts highlight the importance for smaller states to improve their detection capabilities and to put in place systems to quickly respond to cyberattacks. Cyble remarks the need to invest in capacity-building to cultivate skilled manpower, enhance awareness among citizens and narrow the technology gap to minimize their risk footprint.

“Typically, cyberattacks on small nations by state-sponsored and renowned APTs are adopted by a few sponsoring nations to impact the socio-politico fabric and gain a political and diplomatic edge when it comes to trade and investment.” concludes the report. “Ransomware gangs targeting one-off government establishments for monetary returns are also not a new phenomenon. Regardless, the global cybersecurity fraternity and policymakers must closely monitor ransomware gangs mobilizing their resources to strike at these nation’s foundations.”

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment