RIO DE JANEIRO, BRAZIL – Brazil’s Minister of Health Queiroga on Monday acknowledged that the federal government’s servers suffered a second hacking attempt. However, the Minister downplayed the impact of the new criminal action.
“That first attack was not on the Ministry of Health, it was on Embratel, and fortunately the data was not compromised. As for this one, it was something minor and we are working to recover it as soon as possible,” Queiroga said.
The Minister admitted that the new attack may delay resuming the functionalities of ConecteSUS, the Ministry of Health’s system that allows citizens to access proof of vaccination and other features. Queiroga had earlier promised that the app would be operational on Tuesday.
In addition to ConecteSUS, the Coronavirus Panel, a government portal for disclosing Covid-19 data and information, and DataSUS, the SUS IT department, were also affected by the cyber attack. However, Queiroga reiterated that the data stored on the platforms are preserved.
“We are working to restore all ConecteSUS functionalities so that Brazilians will be able to access all information,” Queiroga said.
On Monday night, the Institutional Security Cabinet (GSI), responsible for the cybersecurity of federal agencies, admitted that the attacks occurred in a cloud environment. In a statement, the GSI said that the cloud service providers are cooperating with the federal public administration in addressing the incidents.
In addition, the GSI pointed out that it sent federal agencies an alert with measures to be taken to mitigate and prevent the consequences of the attack. In the alert, the Cyber Incident Prevention, Treatment and Response Center pointed out that the hacking cases occurred using legitimate system administrator profiles, which prevented the criminals from having access to all the data in the hacked system.
“The several teams are being instructed on evidence preservation procedures. The guidelines issued have been strictly in line with the best practices for incident response, and the cooperation between the several agencies involved has been essential and effective,” the agency said.