Financial Crime World

CYBERSECURITY THREATS TO FINANCIAL INSTITUTIONS IN COLOMBIA

A Major Supply Chain Attack Rocks the Country

In a brazen attack that has sent shockwaves across the nation, Colombia’s financial infrastructure and government services were hit by a massive third-party ransomware attack in early September 2023. The cyber assault, carried out through internet service provider IFX Networks, compromised sensitive data of over 762 companies in Latin America, affecting not only businesses but also critical government agencies.

The Attack: A Closer Look

  • Scale of the attack: The Office of the President has stated that the scale of the attack demonstrates that IFX “did not have the right cybersecurity measures in place.”
  • Affected parties: At least 32 critical websites were damaged or frozen, including those of the Ministry of Health, competition regulator, judicial branch services, and stock market authority.
  • Economic impact: The attack has fueled concerns about the personal data of an unspecified number of Colombians being compromised and put on the Dark Web.

Consequences of the Attack

The ransomware attack had far-reaching consequences for Colombia’s economy and government operations. Some of these consequences include:

  • Delayed exports and imports: Exporters requiring permits from affected entities like the Colombian Agricultural Institute faced almost twice as long delays in obtaining necessary information, while imports into Colombia were also delayed.
  • Suspended legal processes: Two million legal processes were suspended for seven days due to the outage.
  • Loss of online services: Many health centers lost online services, affecting patients’ access to appointments and prescriptions.

The Need for Robust Cybersecurity Measures

The cyber assault highlights the urgent need for Colombia to invest in robust cybersecurity measures and establish a national security agency dedicated to mitigating such threats. As business leader and President Petro’s adviser Saúl Kattan Cohen pointed out on social media, the creation of a National Security and Space Affairs Agency is now “urgent” given the country’s vulnerability to cyber attacks.

A Global Challenge

Colombia is not alone in facing this challenge. Other governments worldwide have been hit by similar ransomware attacks in recent years, including Sri Lanka, the Dominican Republic, and Costa Rica. New Zealand’s stock exchange was also knocked out for two days running in 2020 due to a DDoS attack.

Conclusion

In response to these threats, organizations of all sizes must take a more strategic, coordinated, and considered approach to building their cybersecurity defenses. By doing so, they can protect themselves and their wider supply chain networks from the devastating consequences of cyber attacks like this one.