The Government of Brazil has issued a statement saying that the National Treasury was targeted by ransomware on Friday. After the hack was discovered, the threat was controlled, and the federal officials were notified as soon as the containment procedures were taken.
Primary steps to limit the risk of the hack were made right away, as per the statement from the Ministry of Economy. So far, the initial investigation has identified no harm to the National Treasury structural systems, including platforms for public debt management.
Cybersecurity experts from the Digital Government Secretariat (DGS) and the National Treasury are already doing a thorough examination of the impact of the ransomware attack on the system.
When further details on the cybersecurity incident become available, government authorities said that they will provide it in "a timely manner and with due transparency."
The ransomware attack did not affect the functioning of Tesouro Direto, a program that allows people to buy Brazilian government bonds, according to a statement published together with the Brazilian Stock Exchange.
In regards to its impact’s scope and complexity, the cyberattack incident was recognized at the moment as the most extensive hack operation that has ever been perpetrated against a Brazilian government department.
Before the incident at Brazil’s National Treasury, REvil ransomware targeted the Rio Grande do Sul Court system of Brazil in April, after a massive hack against the Brazilian Superior Electoral Court in November 2020.
For more than 2 weeks, the cyberattack caused the network systems of the court to a halt. In addition, the websites of several other Brazilian federal government organizations were forced to shut down as the Brazilian Superior Court of Justice dealt with the RansomEXX encrypting their systems.
On the other hand, the private industry in Brazil also experienced ransomware attacks in 2021 targeted prominent firms, including Embraer, an aircraft company, and Fleury, a healthcare company.
Also, the Brazilian government has revealed the development of a cyberattack response network in July to boost speedier action to any cybersecurity risks and threats by coordinating efforts among federal government agencies.
The DGS, a part of the Ministry of Economy's Special Secretariat for Management and Digital Government, will play a key role in the network's development.
Strategic Information Systems Planning (SISP) is a system that plans, coordinates, organizes, operates, controls, and supervises the federal government's IT resources throughout over 200 entities. The DGS is the core organization of SISP.
