On Tuesday, Walixson Amaury Nuñez, the IAD’s director of technology, confirmed that it was indeed a ransomware attack. According to Dominican Today, state engineers face an uphill challenge trying to “keep the system afloat.” As of Tuesday, the network was still offline.
Attack Crippled IAD’s Servers
Nuñez said the attackers seized control of four physical servers and eight virtual servers. Only one Linux-based server was not affected. The ransomware attack exposed all the agency’s internal documents, including databases, applications, emails, and more. The IAD is an arm of the Dominican Republic’s Ministry of Agriculture. Its duties involve executing agrarian programs and supporting farmers throughout the country. A source told Bleeping Computer that the IAD might be unable to cough up the $600,000 ransom because it simply cannot afford to do so. Meanwhile, investigations by the Dominican Republic’s cybersecurity center show the IP addresses of the attackers originate from the United States and Russia. However, no group has claimed responsibility for the ransomware attack. Bleeping Computer said its investigations indicate the Quantum Ransomware gang was responsible for the attack. Quantum is believed to be an offshoot of the Conti ransomware gang. The hackers are reportedly threatening to release 1 TB of stolen data if their demands are not met. There has been a spate of ransomware attacks in South America since last year. Hackers have targeted state agencies and private companies in Brazil, Peru, Argentina, Mexico, Ecuador, and Costa Rica.
Agency Didn’t Have Cybersecurity Safeguards
The IAD didn’t have any monitoring system to protect its network. The agency only had antivirus and firewall, according to Dominican Today. In the aftermath of this breach, the IAD is planning to create a technical security department. The country’s cybersecurity center installed a constant monitoring tool on Monday to ensure the attack does not spread. It also directed the IAD not to connect its systems to the internet without appropriate protections. This revelation about the IAD’s worrying cybersecurity practices comes shortly after the Dominican Republic and the United States issued a joint statement on cyber policy. The United States pledged to support the Dominican Republic in improving its cybersecurity capabilities. This commitment covers efforts such as incident response capabilities across government agencies, cyber policy development, and intra-agency coordination. If you found this story interesting, we recommend checking out our in-depth guide to ransomware.
