The Colombian Government and IFX Networks, a communication services and digital platforms company, activated a contingency plan to mitigate the effects produced by the cyber attack of which the company was a victim and which has affected several state institutions. This was reported this Friday by the Presidency, which detailed in a statement that the authorities have received “communication from more than 50 public and private organizations” in the country requesting “support.”
The incident at IFX, also Netglobalis in Chile, was reported by the CSIRT of the trans-Andean country. The company issued an official statement in which they assure that the attack was against “some virtual machines” and assured that “no vulnerabilities have been evident in the information, privacy and security of the data hosted in the cloud.”
Being a supplier to other clients, the attack is part of what is known as a supply chain attack.
The Digital Transformation team of the Presidency detailed that IFX filed a complaint with the Prosecutor’s Office for the attack, which affected portals and pages of the Ministry of Health, the Superintendence of Health and the Superior Council of the Judiciary.
He also stated that “he has contracts with 46 public entities, of which 25 have connectivity services and 21 have data center (cloud) services”, specifying that he implemented a contingency plan for the connectivity service in the 25 entities.
In this sense, more than 30 companies have received technical support to “redouble their efforts, after the impact generated by the cyberattack, which until now “It does not specify the number of companies and entities affected.”
“Colombia Compra Eficiente requested from IFX a set of technical information in relation to the incident, in accordance with what is established in the annex of transversal conditions of the Price Framework Agreement,” the Presidency specified.
IFX, meanwhile, promised to set a date to restore its services and “response times for access to backup copies, once it is verified that no vulnerability exists.”
The cyber attack
The Ministry of Information and Communications Technologies (MinTIC) explained in a statement that since September 12, IFX Networks suffered an external cybersecurity attack type Ransomware (“digital kidnapping” of information and applications), which affected around 762 companies in Latin America.
As for the threat actor, it is believed that the person behind it is Ransom House, based on information that circulated in private groups of directors of different companies in Latin America. However, the poster did not confirm the attack on its site and only circulated an image of MarioLocker the name that Trend Micro gave to a ransomware that is used by Ransom House.
“The supplier IFX reports that the technical team is working on restoring the service (…) prioritized attention is requested for the health sector, in order to mitigate the impact caused by this incident on digital care, procedures, among others, as well as other entities that also require support to continue their operations,” the information added.
Due to the cyberattack on IFX Networks, the Colombian Judicial Branch reported on the social network of tutela (recursos de amparo), habeas corpus and the guarantee control function”.
Ransomware comes from “data ransom program”: ransom in English means ransom, and ware is a shortening of the well-known word software: a data hijacking program. Ransomware is a subtype of malware, an acronym for “malicious software.”
Now, this type of program acts by restricting access to parts of our personal information, or all of it. And generally, hackers exploit this to ask for something in return: money.