The Rhysida ransomware group hit the Kuwait Ministry of Finance

1 year ago 76
BOOK THIS SPACE FOR AD
ARTICLE AD

The Rhysida ransomware group hit the Kuwait Ministry of Finance

Pierluigi Paganini September 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site.

Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Below is the message published on Twitter by the official X account of Kuwait’s Ministry of Finance. Government officials shut off affected systems to prevent the threat from spreading. The Ministry’s message pointed out that payment and payroll systems were impacted because are hosted on a separate network.

“The Ministry of Finance announces that at dawn today one of its systems was the subject of an attempted hacking via malware. The systems and protection procedures were activated and the systems were deactivated, and the level of the attempted hacking is under evaluation. valued. The Ministry also confirms that salary transfer procedures will not be affected by this cyber attack, as the government’s financial systems are separate.”

تصريح صحفي: تعلن وزارة المالية أن أحد أنظمتها قد تعرض لمحاولة اختراق عبر فيروس فجر اليوم، وتم تفعيل أنظمة وإجراءات الحماية وفك ترابط الأنظمة، وجارٍ تقييم مستوى محاولة الاختراق. كما تؤكد الوزارة أن إجراءات تحويل الرواتب لن تتأثر بهذا الاختراق، فالأنظمة المالية للحكومة مفصولة. pic.twitter.com/OPYyRQE1jB

— وزارة المالية-الكويت (@MOFKW) September 18, 2023

Currently, the Ministry has yet to fully recover from the ransomware attack.

According to a press release published by the government of Kuwait this week, local authorities, including the National Cyber Center, are investigating the incident with the help cybersecurity firms.

تصريح صحفي:تحديث بشأن التحقيقات الجارية في عملية الهجمة السيبرانية المحدودة التي تمت في 18 سبتمبر وأصابت أحد أنظمة الوزارة:
– جميع البيانات الخاصة برواتب العاملين في الجهات الحكومية لا تخزن في أنظمة الوزارة
– العمل مع شركة عالمية متخصصة في مكافحة هذا النوع من الجرائم المعلوماتية pic.twitter.com/SaK4NGwoYB

— وزارة المالية-الكويت (@MOFKW) September 25, 2023

This week the Rhysida ransomware group claimed responsibility for the attack and added the ministry to the list of victims on its Tor leak site. The group also published a set of documents as proof of the hack.

Kuwait

Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization.

The Rhysida ransomware group has been active since May 2023, according to the gang’s Tor leak site, at least 44 companies are victims of the operation.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)



Read Entire Article