Updated on 2022-09-28
Ransomware attack hits Chile’s judiciary: The Chilean government was hit by a second ransomware attack in less than a month, after Sernac, the country’s National Consumer Service, was hit at the end of August. This time, the attack hit the country’s judicial branch, the PJUD, which said the attack affected only a small portion of its enterprise network, specifically only Windows 7 systems.
Read more in
- Supreme Court spokesperson minister on the cyberattack: “Timely measures were taken”
- “This is difficult to investigate”: Supreme Court says it will not pursue those responsible for the ransomware at the PJUD
Overview: Ransomware Attack Targeted Chilean Government Agency
An unspecified Chilean government agency has been hit with a ransomware attack. The attack began on August 25 and affected Microsoft and VMware ESXi servers. According to Chile’s national computer security and incident response team (CSIRT), the malware used in the attack has the capability to steal credentials from browsers and evade antivirus detection.
Note
- Attacks on Latin American governments and organizations are on the rise. Please see the warnings and prepare. Test your organization with these well-known adversary behaviors so you can detect and respond to a ransomware attack before the data leaves your network and/or is encrypted.
- While the specific strain and actors are not yet fully understood, the basics still apply. Use current EDR, keep your boundary protections updated, validate their configuration, and keep OS and applications updated. Don’t overlook your hypervisor. Actively manage user accounts and MFA all publicly accessible entry points. If you’re not able to actively monitor, hire it out. Last, but far from least, make sure that you not only have good backups but also are able to restore from the ground up if needed.
Read more in