Cybersecurity experts commented below on the Ransomware attack on Argentina federal agency.
The news that Argentina\’s official immigration agency suffered a Netwalker ransomware attack that temporarily halted border crossing is significant – and not just because it may well be the first known attack against a federal agency that has interrupted the operations of an entire country.
News of yet another government-targeted ransomware attack might feel like déjà vu, but for those individuals trapped on either side of the border, it would have felt far longer than four hours. Any amount of downtime can have a long-lasting impact and serious repercussions and an outage at such a national scale has severe implications, ranging from frustrated citizens to damaged reputation and disrupted revenue-generating operations.
The difference between being down for hours or days versus minutes or seconds is the difference between a solid disaster recovery plan and one that is outdated, barely tested, or even non-existent. Prevention plans aren’t enough as attacks build in frequency and strength, causing irreparable harm to brand reputation and increasing risk. Ultimately, the end goal is to maintain regular operations so that customers will not experience any interruption or frustrations.
In these situations, many organisations may feel hopeless because the idea of revamping their IT resilience strategy seems complicated and expensive, but with the simplicity and affordability provided by cloud-based advancements, disaster recovery systems that were once only possible for the largest, wealthiest organisations are now accessible to all.
While – perhaps luckily – it seems the government is not concerned with recovering the lost data, for most organisations such a long outage affecting millions of people could be catastrophic. This attack should serve as a stark reminder for both the public and private sectors to begin actively investing in dynamic and modern disaster recovery (DR) solutions, for protection against increasingly sophisticated cyber-threats.
To prevent future ransomware attacks and safeguard highly sensitive information, federal agencies must have full visibility and control over their data. This can be accomplished by leveraging multi-faceted solutions that defend against malware on any endpoint, enforce real-time access control, detect misconfigurations, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent data leakage. In addition, governments must ensure adequate employee training to protect from ransomware.
Ransomware is incredibly dangerous as it not only encrypts sensitive data, rendering it inaccessible, but it can also disrupt critical applications and systems, causing major outages and stoppages in operations.
We can expect cybercriminals to continue to exploit common vulnerabilities in these types of opportunistic ransomware campaigns – and we strongly encourage federal agencies to patch vulnerabilities as quickly as they can while ensuring all systems and programs are up to date.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics