LockBit Ransomware Hit Rio de Janeiro Finance Department, Stole 420 GB Files
2022-04-27 | Vinchin Official
Rio de Janeiro finance department confirmed a ransomware attack from LockBit on April 22, stealing around 420 GB files of the government and the official was handling the issue.
The LockBit gang, which has attacked over 650 organizations this year by researchers of The Record, hacked the government system with LockBit 2.0 and stole 0.05% files of the department from Sefaz-RJ systems and threatened to leak the data if unpaid.
The spokesperson for the Secretary of State for Finance said they contacted the Brazil digital crimes agency right after the cybercriminals menaced them to breach the stolen data. And the Undersecretariat for Information and Communication Technology (SUBTIC) also worked with the police on the investigation. SUBTIC has been strengthening information security since 2020, so the attacked by LockBit has low impact on the system.
Rio de Janeiro has the second-highest GDP of Brazilian city and is home to several state-run companies, for instance, Petrobras, Eletrobras, Caixa Econômica Federal, National Economic and Social Development Bank, and Vale.
It is one of South America's financial hubs, with the world's 30th largest economy. In 2021, the city's exports totaled $32.5 billion.
How to prevent cyber crime?
Cyberattacks from LockBit and other cybercriminal gangs have spiked in the recent years, the Brazil government is not the first victim, now will it be the last. How to prevent cyber crimes? This is a constant question kept asked by companies and organizations. It seems no matter how well-prepared they are, the hackers always find a loophole to exploit, which is frustrating. Yet preparation has to be done and done it well.
Patch and update your software and firewall for starters. A solid IT system always matters. Train your staff for common cyberattacks and dos, don’ts in such situations. And make sure limited access to the system with different strong passwords and double authentication. But most of all, always remember to backup to store valuable resources for effective post-cybercrime recovery. Vinchin Backup & Recovery is a virtual machine data protection solution with features ranging from data backup to disaster recovery to fend off malwares and cyberattacks.
1. Back up in advance with smart backup strategies
Vinchin Backup & Recovery has Full Backup, Differential Backup and CBT/SpeedKit-driven Incremental Backup for you to choose from. You can customize the strategy and backup schedules under the construction of time windows indicator. The CBT (Changed Block Tracking) and SpeedKit (CBT alternative based on the latest snapshots) extract changed data for faster incremental backup. The data transfers faster and safer through LAN, SAN or Encrypted Transmission for lesser resource consumption and direct transmission.
2. Anti-ransomware technology
Vinchin Backup & Recovery adds anti-ransomware function to backup storage through real-time I/O monitoring technology to protect backup data stored in Vinchin backup server. The smart detection will immediately deny requests from unauthorized applications to modify backup data. If ransomware or other malware attempts to alter the backup, the visit will be rejected.
3. Fast recovery after cyberattacks
Vinchin Backup & Recovery observes 3-2-1 backup rule to minimize data loss. Except for on-premises scheduled backups, the solution also offers offsite backup copy and archive to cloud for effective disaster recovery to ensure business continuity and data integrity. You can either restore the VMs at remote site using offsite backup copies or retrieve the backups from the cloud to the production system. You can then use instant restore to recover the VMs and get it run again in 15 seconds at any authorized available host, minimizing downtime and financial loss after cyberattacks.
Cybercrimes are all over the news, and hackers are everywhere in the dark waiting for the unexpected strikes. The more sensitive and critical our data is, the more attention we should pay. Now is the time to prepare because it’s too late to mend when cybercriminals hit.