Last week the STJ (Superior Court of Justice) was hacked. This action paralyzed the court’s servers and made digitized processes, emails and other internal systems inaccessible. At least 12,000 cases were directly affected.
The name of this attack is “ransomware”. Neologism mixes the word ransom (“rescue”) with goods (for software). The program fulfills what the name promises. Once it enters a company’s corporate system, it encrypts all data stored on the computers and servers on that network, rendering it inaccessible. In most cases, the data stays there, but is “encrypted” and the key to decrypting it is in the attacker’s hands.
This attacker then asks for ransom to restore everything. The amount is usually between $ 1 million and $ 6 million and is payable in virtual currencies such as Bitcoin or Monero. The attackers also use the attacked person to create a service channel, a kind of “call center”. In this channel they ask questions and send examples of how the data can be recovered. Or they can even teach the wholesaler to make transfers in virtual currencies if they have difficulty doing so.
This channel is usually more efficient and helpful than corporate call centers in Brazil. Hackers always react politely, attentively and patiently to everything on site.
As a lawyer, I have seen many victims of these types of cases. It is recommended that you never pay the ransom or contact or negotiate with the attackers.
Paying the ransom can have legal consequences and even constitute a procedural fraud crime. In addition, this type of attack can lead to violations of the General Data Protection Act, especially with regard to cybersecurity measures and if data is lost.
Generally, the attack comes through a simple email sent to an employee in the organization. The rep clicks on a link or file in the email (which usually offers a promotion) and then opens the door for the entire system to be infected. To give you an idea, more than 121 million ransonware attacks were reported in the first half of 2020. An epidemic is afoot.
What can be done to prevent this? A number of steps are required. The first is to make cybersecurity a priority, especially in the public sector. The country has neglected this issue for years. Brazil ranks 70th in the global cybersecurity ranking and 6th in Latin America behind Paraguay.
The second problem is thinking about the data architecture. In the case of the judiciary, it is important that public data can be stored on multiple public and private platforms. This is the embodiment of the principle of constitutional advertising in the age of the internet.
Another point is the construction of robust networks that make life difficult for attackers: keep systems up to date and use network architectures without trust and similar solutions.
This time it was the STJ, but the fact is that no system of government, including essential services in Brazil, is safe from this type of action today.
reader
There was already fake news only in the so-called brown press
American big techs are already fighting various fake messaging modalities
TikTok is already becoming the new platform where fake news is gaining the upper hand