Guatemala's Ministry of Foreign Affairs has not provided any details regarding a ransomware attack earlier this year amid the ongoing investigation into the incident, according to The Record, a news site by cybersecurity firm Recorded Future.
The Onyx ransomware operation listed Guatemala's Foreign Affairs Ministry on its leak site in late September and on Nov. 21. Initially identified in April and reported by BlackBerry researchers to have used ransomware based on the Chaos v4.0 ransomware builder, the Onyx ransomware gang was later noted by Dragos researchers to be launching attacks against critical infrastructure operations.
Onyx's attack against the Guatemalan Foreign Ministry is among the many cyberattacks faced by Latin American governments and militaries during the past year.
Rio de Janeiro's finance department and Costa Rica had been impacted by ransomware attacks in April and May, respectively. Argentina also saw ransomware attacks aimed at the Judiciary of Cordoba in August and the legislature of Buenos Aires in September. Ransomware groups have also compromised a Chilean government agency and the Dominican Republic in August.
Ransomware attack against Guatemala’s Foreign Ministry under investigation
Guatemala's Ministry of Foreign Affairs has not provided any details regarding a ransomware attack earlier this year amid the ongoing investigation into the incident, according to The Record, a news site by cybersecurity firm Recorded Future.
Insurance firms have been urged by Deputy National Security Adviser for Cyber and Emerging Technologies Anne Neuberger to cease policies encouraging ransomware-hit organizations to provide extortion payments amid increasingly severe intrusions around the world.
Investigation into the attack, which no ransomware operation has claimed yet, is still underway, according to Highline, which noted that student and staff device re-imaging and network password resets will commence next week.
Attackers were able to exfiltrate individuals' names, Social Security numbers, and other personal details as a result of the incident but there has been no evidence suggesting the misuse of impacted data, said UMG in a filing with the Office of the Maine Attorney General.