Register now for better personalized quote!

Brazilian Ministry of Health recovers systems over a month after cyberattack

Jan, 18, 2022 Hi-network.com

After a major cyberattack brought key systems of Brazil's Ministry of Health (MoH) to a halt, the department has reported all its platforms are back online.

COVID-19 Testing

The best at-home rapid test kits

Testing at home can provide peace of mind, and it doesn't have to take a long time or be terribly expensive.

Read now

According to a statement released by the MoH on Friday (14), most systems have been reestablished following a cyberattack in early December 2021, including ConecteSUS, which holds COVID-19 vaccination data. However, some systems still need to be recovered, and the deadline for completing the work is this coming Friday (21).

As a result of the cyberattack, crucial data on the pandemic, including cases, deaths and vaccination data, was unavailable for nearly a month. This meant that, for example, institutions that rely on government data onCOVID-19 to monitor the local developments around the virus could not access the information they need since early December 2021. Hospital managers also reported challenges introduced by the lack of access to data in aspects such as planning for new beds and purchasing medicines as well as hiring professionals.

However, Rodrigo Cruz, executive secretary at the MoH, insisted there was no loss of information or a healthcare data blackout. "The Ministry continued to receive and disseminate data [since the cyberattack], especially the data relating to the [COVID-19] pandemic. This information was and continues to be easily accessible on our website through our newsletters and epidemiological bulletins," he said.

The attackers used legitimate access credentials to access the national healthcare data network. Cruz noted that this cloud-based database feeds systems, including those relating to the pandemic management, meaning there was no need for any sophisticated cyberattack techniques. Responsibility for the attack was claimed by the Lapsus$Group, which said 50TB worth of data had been extracted from the MoH's systems and subsequently deleted.

The MoH secretary confirmed the attackers were able to access other MoH systems and deleted COVID-19 data, as well as systems. "These are not off-the-shelf systems that can be erased and reinstalled with a CD or a USB stick. When the system is deleted, it has to be rebuilt since it is customized and built specifically for the Ministry of Health," he noted.

Cruz added the first challenge was to ensure that no data had been compromised, then rebuild the systems so that the MoH could receive the data produced by cities and states. He pointed out, all systems have had their data capture processes established.

According to the Brazilian Ministry of Health, all the department's access credentials have been updated, and access control processes have been improved. In addition, the cyber risks and vulnerabilities of the main MOH systems have been assessed. A data protection committee has also been created as part of the department's action plan to deal with the fallout of the cyberattack.

Questioned about the possibility of the involvement of civil service staff in the occurrence, Brazilian health minister Marcelo Queiroga said, "if there was any sabotage, it was not on the ministry's part". He added criminals orchestrated the attack, and the Federal Police are investigating it.

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next
  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.