Bits ‘n Pieces (Trozos y Piezas)
Gt: Update on VSOP attack on Guatemala’s foreign ministry
Last week, DataBreaches reported that the Ministry of Foreign Affairs of Guatemala was a victim of a VSOP attack. The government confirmed an attack on October 5. Services have been restored:
Currently, the services are working, which has allowed us to provide uninterrupted attention to all the nationals. To date, more than 1,536 apostilled documents have been delivered and around 4,557 appointments have been attended, in addition to 8,059 appointments scheduled for this week.
Br: Jaime Câmara Group hacked by Vice Society
Ciso Advisor reports that on September 27, Brazilian media conglomerate Jaime Câmara Group (JCG) issued a statement that it had been a victim of an attack that blocked access to its systems:
As a result of this attack, our customers and users may notice changes in the quality of our content or even total unavailability, as in the case of some radio stations or newspaper sites.
We emphasize that all customer and user data is protected by encryption and therefore there is no risk of leakage. The damage of the attack is limited to restricting access to our systems.
Vice Society threat actors claimed responsibility for the attack and leaked corporate data that they had exfiltrated. In response to questions from DataBreaches, a Vice Society spokesperson stated that they knew JCG was aware of the attack at the time because JCG tried to block the attack. JCG did not respond to any of their demands at all, the spokesperson noted.
JCG did not reply to an inquiry from DataBreaches.
Co: The National Institute for Drug and Food Surveillance reports a a cyber-attack
On October 3, the National Institute for Drug and Food Surveillance (Invima), reported that an attack resulted in applications being unavailable, with the exception of the Single Window for Foreign Trade (VUCE).
Thanks to the timely response of our technical team, it has been possible to verify that the information, privacy and confidentiality of the data handled by the entity are protected; however, according to the established protocols, the entity has disabled the www.invima.gov.co portal, as well as the connections with the physical and virtual servers, until it is possible to identify the cause of the incident.
Invima has issued some updates since then, but as of today, the “be back soon” notice still appears.
Es-CT 13 healthcare centers in Catalonia affected by a “ransomware-type” attack
Onda Cero reports a cyberattack this morning has left the computer system and all services of the Consorci Sanitari Integral (CSI) inoperative. Three large hospitals in Barcelona have been affected, as well as 10 other health centers.
The three large CSI hospitals are Dos de Maig in Barcelona, Moisès Broggi in Sant Joan Despí and Hospital General de L’Hospitalet.
While this incident is resolved, emergencies continue to be attended to and by specialists who can continue to work without a computer, manually. (machine translation)
There has been no mention of which group is responsible for this attack, but ElHacker.net claims that this is the second ransomware attack CSI has experienced in two years. An official statement from the Department of Health describes this as a ransomware-type attack.
This is the second attack on a hospital system this week, with the first one being an attack on CommonSpirit health system in the U.S. CommonSpirit Health has 140 hospitals and more than 1,000 care sites in 21 states, with disruptions in care being reported by some facilities. No group has yet to claim responsibility for either attack.
Editing by Dissent