Ransomware Hackers Freeze Papua New Guinea’s Aid Money

Ransomware Attack

Papua New Guinea’s finance department has revealed that its payment system, which manages access to hundreds of millions of dollars in foreign aid money, was hit with a ransomware attack.

The attack on the Department of Finance’s Integrated Financial Management System (IFMS) occurred at 1 a.m. local time on Oct. 22, according to a statement released by John Pundari, finance minister and acting treasurer.

The IFMS consolidated the Pacific nation’s budget and accounting for all tiers and departments of government onto a platform. It controls access to funds for the government, which is heavily reliant on foreign aid.

Pundari said the system has been fully restored but “because of the risk, we are playing safe by not allowing full usage of the affected network.”

Government departments and agencies would have to process checks in a secured environment, “through a controlled temporary arrangement.” Calls to the Finance Department were unanswered.

The finance department didn’t pay any ransom to any hacker or third party, Pundari said, and he insisted the government’s financial system has been “fully restored.”

The attackers have demanded Bitcoin in ransom, people familiar with the situation said.

The government’s network systems have several critical vulnerabilities that would have allowed the attackers to breach networks, people familiar with Papua New Guinea’s data security said.

In one example, earlier this year Microsoft Corp. warned its customers of vulnerabilities in its business email software and urged them to install the patches that would address the flaws.

Servers for departments and agencies in Papua New Guinea’s government remain exposed to such an attack, according to a scan using the Shodan search engine, which tracks malware and malicious activity across the internet. The scan was conducted by one of the people familiar with the situation.

In ransomware attacks, hackers encrypt a victim’s computer files and then demand payment to unlock them. Ransomware attacks have been increasing rapidly in recent years, targeting school districts and cities, hospitals and businesses across the globe.

Ransomware Attack


Leave a Reply

Your email address will not be published. Required fields are marked *