Brazilian government recovers from “worst-ever” cyberattack
After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution, the Superior Electoral Court (STJ, in the Portuguese acronym) has managed to get its systems back up and running, after more than two weeks facing disruption.
After the ransomware attack, which took place in November 3, the STJ’s systems were totally unavailable for 26 hours, so that the Federal Police could gather the evidence. The investigation process, which also involves he federal data processing service Serpro, and the Army’s cyberdefence unit, is still ongoing. The Court then had to operate with limited functionality for urgent cases until the systems were fully re-established in November 20.
According to the president of the STJ, minister Henrique Martins, the event was “the worst-ever” cyberattack that a Brazilian government body has suffered, both in terms of the dimension and complexity involved.
“Up until that point, our team had not experienced anything similar, and, despite the fact we were ready, we were led towards transformations, which will enhance the way in which the Court deals with information security”, the minister said in a statement.
According to the STJ, the work around the re-establishment of the access to the network, systems and backups, as well as the enhanced cybersecurity set-up, involved a team of over 50 IT professionals from its own team.
In addition, another 50 professionals from eight technology companies including Atos, Microsoft and Redbelt Security were involved in the process, also supported the recovery project.
However, the STJ minister pointed out that there are challenges that still need to be overcome, including the revision of policies, technology architecture and an adaptation to the General Data Protection Regulations, which went live in September. The process of restructuring and improving data security at the STJ “will be constantly improved,” the statement noted.
“There is unconditional support from [STJ’s] management to raise the level of information security that we offer. This is an institutional asset, which we will not give up”, the statement from the minister noted.