[BreachExchange] Brazilian National Treasury hit with ransomware attack

[Sophia Kingsbury]

https://www.zdnet.com/index.php/category/2381/index.php/article/brazilian-national-treasury-hit-with-ransomware-attack/

The Brazilian government has released a note stating the National Treasury
has been hit with a ransomware attack on Friday (13).

According to a statement from the Ministry of Economy, initial measures to
contain the impact of the cyberattack were immediately taken. The first
assessments so far have found there was no damage to the structuring
systems of the National Treasury, such as the platforms relating to public
debt administration.

The effects of the ransomware attack are being analyzed by security
specialists from the National Treasury and the Digital Government
Secretariat (DGS). The Federal Police has also been notified. The Ministry
noted new information on the incident "will be disclosed in a timely manner
and with due transparency".

A further statement released jointly with the Brazilian Stock Exchange
today (16) noted that the attack did not affect "in any way" the operations
of Tesouro Direto - a program that enables the purchase of Brazilian
government bonds by individuals.

The incident at the National Treasury follows a major cyberattack that
emerged in November 2020, against the Brazilian Superior Electoral Court.
The attack brought the Court's systems to a standstill for over two weeks.

At the time, the event was considered to the most comprehensive attack ever
orchestrated against a Brazilian public sector institution, in terms of its
complexity and the extension of the damage caused.

In July, the Brazilian government announced the creation of a cyberattack
response network aimed at promoting faster response to cyber threats and
vulnerabilities through coordination between federal government bodies.

The DGS, which operates under the Special Secretariat for Management and
Digital Government of the Ministry of Economy, will have a strategic role
in the formation of the network. The DGS is the central body of SISP, a
system utilized for planning, coordinating, organizing, operating,
controlling and supervising the federal government's information technology
resources across more than 200 bodies.

In the private sector, major ransomware attacks that emerged in 2021 in
Brazil involved large companies such as healthcare firm Fleury and
aerospace conglomerate Embraer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210817/789c7dfb/attachment.html>