TONGA: Cybercrime Hits State-Owned Telecommunications Company

Ransomware Attack Slows Down Operations at Tonga Communications Corporation

On Monday, Tonga Communications Corporation (TCC) issued a warning confirming that it had been hit with ransomware. The attack is causing concerns about the potential impact on its administrative operations.

Affected Services

The attack may slow down processes such as:

• Connecting new customers
• Delivering bills
• Managing customer inquiries

However, TCC reassured customers that voice and internet services will not be affected.

Medusa Ransomware Group Responsible for Attack

Cybersecurity expert Dominic Alvieri confirmed that the Medusa ransomware group is responsible for the attack. The company is working with security firms to mitigate the effects of the malware.

About Tonga Communications Corporation

TCC is one of two telecoms companies in the Pacific island nation, controlling all fixed telephone lines and holding a 70% market share of dial-up and broadband internet. With over 300 employees, it also manages about half of the mobile phone services through its UCall service.

Medusa Ransomware Group’s Modus Operandi

Cybersecurity experts have warned that Medusa operates as a Ransomware-as-a-Service (RaaS) model, typically giving affiliates 60% of ransoms while keeping the rest. The group has been known to exploit vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks and encrypt data.

Not an Isolated Incident

This attack is not an isolated incident. Other small island governments have also been targeted by cybercriminals, including:

• French island of Guadeloupe, which was hit with a ransomware attack in November
• Vanuatu government, which was knocked offline earlier this year after a similar attack

The Vanuatu attack crippled the operations of the country’s parliament, police, and prime minister’s office, as well as digital tools used by schools, hospitals, and government services.