The Dominican Republic government agency, Instituto Agrario Dominicano (IAD), has been hit by a ransomware attack. Four physical servers and eight virtual servers impacted the IAD’s Agrarian Reform programs compromising databases, applications and emails. While IAD’s servers have remained down since the incident, Quantum ransomware claims to have gained access to over 1TB of data and has requested IAD pay a public ransom fee of over $600,000.
Craig McDonald, VP of Product Management at BackBox, shared his insights on the incident and how organizations can protect themselves from similar threats.
"Numerous services and workstations at IAD have been encrypted since this ransomware attack occurred, with databases, applications and emails among the compromised 1TB of information. IAD shared with local media sources that they lack a dedicated security department and only offer limited security software in their systems, and that 12 servers have been compromised overall.
While IAD is receiving recovery aid from the National Cybersecurity Center (CNCS), it is unknown whether or not systems are offline as a result of the attack or if business processes are able to execute properly. Organizations, especially those as valuable as government agencies, must implement a proper backup and recovery plan to bring any possible downtime to a minimum. Key elements of disaster recovery include tracking an extensive guide of all inventory details, assigning company members specific responsibilities and offering an alternative communication avenue in case traditional modes are rendered unreliable. Applying network security automation practices - including scheduling regular backups and validating backups and recovery steps in advance - will help reduce the impact of outages, and ensuring that network devices always have the latest configurations and patches helps prevent future ransomware attacks."
###
Comments