[BreachExchange] Mozambican government websites suffer cyber attack

Wed Mar 2 09:47:30 EST 2022

https://globalvoices.org/2022/03/02/mozambican-government-websites-suffer-cyber-attack/

y Yemeni Hackers” along with a photo of a man with a machine gun and a
headscarf. Image: Giovana Fleck/Global Voices

Mozambique was surprised by the news that various government portals had
been tampered with by a group of computer hackers on February 21, 2022. The
main pages for numerous government websites had been replaced with notices
saying the pages were “attacked by Yemeni hackers,” paired with an image of
a man with a machine gun and a headscarf. Officials have not yet identified
the perpetrators or determined their motivation for the attack.

According to the news portal A Carta, the entire web apparatus of the
Mozambican government is managed (and hosted) by the National Institute of
Information and Communication Technologies of Mozambique (INTIC), the body
responsible for regulating, supervising, and inspecting the Information
Technology and Communication (ICT) sector.

While the attack temporarily suspended all operations on the sites, the
Director-General of the National Institute of Electronic Government
(INAGE), Hermínio Jasse, said that all the portals were operational again
the same day.

The Director-General of the National Institute of Electronic Government
(INAGE), Ermínio Jasse, said today at a press conference that the
Government portals that were the target of hacker attacks are operational
again. On the occasion, the Director explained that there was no loss of
information and that all the content of the portals is for public
consumption.

According to the Director-General of INAGE, the main concern after
detecting the problem was to make a “quick diagnosis” of the damage. The
investigation revealed the site content remained intact, though in the
hacker’s announcement, they said that data had been extracted and would be
sold at a low price. So far, there is no evidence to support this claim,
and little or nothing is known about the actual leakage of such data.

However, the solution lasted only for 24 hours. On the morning of the next
day, February 22, the same websites became inoperable again — this time,
the hackers posted a ransom request in exchange for the government site
data. It is not yet known whether they will be recovered again and what
measures will be taken to prevent future attacks.

On the subject, the director of the National Company of Science and
Technology Parks (ENPCT), Julião Cumbane, said that this problem stems from
the lack of preparation of Mozambican institutions in the security of their
data.

The GOVERNMENT of Mozambique under CYBER ATTACK?!?!… We are insistently
telling institutions and companies (public and private) that they MUST have
BACKUP COPIES of their DATA and COMPUTER SYSTEMS in a safe place and we are
IGNORED by those who should listen to us. And now?

Cyber insecurity has been a major issue in recent years, as revealed on its
Facebook page by the Confederation of Economic Associations of Mozambique
(CTA):
ATTENTION TO E-MAILS WITH MALICIOUS LINKS

The CTA comes through this to communicate that your email domain has been
cloned and emails with malicious links are being sent. Please do not click
on these links while internal cleanup work is in progress. As soon as it's
finished, we'll let you know. Thank you for understanding.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220302/3b0db40b/attachment.html>