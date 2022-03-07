Last year, every day in Colombia there were more than 30 million attempted cyberattacks, which implied an increase of 62.5 percent and 4,200 million cases since 2020, according to figures reported by the Forti Guard Labs laboratory, of the Fortinet firm.

Several of the ‘successful’ attacks put entities such as the National Department of Statistics (Dane) and the National Institute for Food and Drug Surveillance (Invima) in check.

In both cases, it is ensured that the entities have not lost the information or have succumbed to the claims of cybercriminals to restore their services, and the process is not over yet.

According to Kaspersky, the number of malicious files detected each day reached 380,000 in 2021, which represents an increase of 5.7 percent compared to the previous year’s figure. That is, 20,000 discoveries per day more than in 2020.

The growth is related, among other factors, to the increase in the number of mobile devices used throughout the world. For Alexánder Ramírez Duque, manager of Frontech-Eset, a computer security company, more than 20 percent of security incidents occur through web applications or web services of public and private entities.

However, the greatest vulnerability of organizations is the collaborators, the lack of culture, awareness and knowledge in cybersecurity, especially in times of hybrid work. One of the biggest risks is opening a file with malicious code that can infect a computer and, in turn, the network to which it is connected.

He also stated that after a file is encrypted with ransomware it is very difficult to recover it, but that is why it is important to have a backup of the most sensitive information from both public and private entities, and “it is recommended not to pay a ransom in case of information hijacking, since it can encourage cybercriminals to encourage this type of practice; in addition, having double factor authentication mechanisms to guarantee that the person who enters the company’s resources has the authorization”, he pointed out.

We see an increase in the hijacking of information, and although there are several options to defend themselves, companies lack preparation and they are attacks that could have been prevented

Andrés Cajamarca, Engineering Manager at Fortinet Colombia, explained that the increase in attacks on entities in the country is due to the function they perform.

“We see an increase in the kidnapping of information, and although there are several options to defend themselves, companies lack preparation and they are attacks that could have been prevented and that will continue to grow due to geopolitical situations. This is a business that moves close to $20 billion a year from people who pay to have their information back,” he said.

The cases of Invima and Dane

According to research, BlackByte ransomware was the one that caused the crash of Invima’s computer systems. With this malicious software that hijacks data or computer infrastructure, activity in the country’s ports was delayed, and although its director, Julio César Aldana, pointed out that the entity shielded the information in the process and some procedures have been restored, there is still work to do.

The Ministry of Commerce, Industry and Tourism pointed out that after joint work between the different government authorities, port authorities and foreign trade users, there is a positive part in the reestablishment of Invima’s systematized operations. “This being the case, we have a coverage of 90 percent in the operations through the system”, he explained.

In addition, the permanent Trade Facilitation Table was installed, through which the contingency is exclusively attended. The ICT Ministry is one of the participants, but when asked about the actions carried out and the country’s threats, it did not provide information.

According to the Colombian Cyber ​​Emergencies Response Group (Colcert), of the Ministry of Defense, From servers in Russia, China, Nicaragua and Venezuela the pages of the Colombian Government have been attacked; In addition, the number of incident reports on state pages grew by 12.5 percent, going from 96 cases in 2020 to 108 in 2021.

In the case of abusive content or spam, the entity points out that it grew by 373 percent.

percent, since it went from 26 cases in 2020 to 123 in 2021, the same situation that occurred with the cases of malicious viruses for theft or to encrypt the information and data of companies and individuals, but in the case of Attempts to take down websites decreased 49 percent, from 87 cases in 2020 to 44 in 2021.

there was no robbery

The director of Dane, Juan Daniel Oviedo, explained that the attack suffered by the entity on November 9, 2021 is expected to be completely overcome next May.

With a balance of damages, it was known that the attack only occurred to delete databases, disorganize some systems, that there was no exit, theft or elimination of information.

“There was no outbound traffic; Forensic audit determined that there was no theft or that anything was removed from the entity, there was even a false email with a demand for money by a supposed employee and it was determined that this was not true, that it was another attack, from a contractor who no longer worked at the Dane, ”said the manager.

The entity is in a recovery scenario, and it is expected to be ready in May. “By Dane, this required an extra investment of 3,512 million pesos.

Additionally, in the exercise of reactivation of computer services, an investment scenario has been built for the security and efficiency of information processing for 31,324 million pesos, said Oviedo.



election hacking

The national registrar, Alexander Vega Rocha, reported that in the last seven days, the website of the Registrar’s Office has received 400,000 attacks, but the page has not been hacked, they have been counteracted and added that there is no direct threat against the system. electoral.

Similarly, the FBI will support the Colombian authorities who say that there are some IPs in Central American and Central European countries behind the attacks on the country.

LAURA LESMES DIAZ

Technology Writing