Kuwait Government ministries have been falling victim to ransomware attacks even as officials try to assure data is safe. The Ministry of Finance is the latest victim to have succumbed to the cyberattack.
The Rhysida ransomware gang, the cybercriminal who took responsibility of the latest attack, has demanded the Ministry of Finance to pay 15 Bitcoins, worth about $400,000, within a 7-day deadline. It has threatened to sell the hacked data if the ministry fails to pay the ransom.
However, the Ministry of Finance brushed off the threats saying it does not store data about government employees’ salaries in its systems. The ministry took to social media platform X to inform the public that its systems have been isolated from other government entities since the day of the cyberattack.
Kuwait Government Getting to the Bottom of the Attack
The Kuwait government said a ransomware attack began on September 18. This prompted officials to separate and shut down the affected systems. The government highlighted that the Ministry of Finance formed a technical team, which includes the National Center Cyber, specialized and reliable international company.
“The Ministry of Finance confirms that all data on workers’ salaries in government bodies are stored in the Ministry’s systems, and financial transactions are recorded. All government agencies are continuing and operating normally.”
The government assured workers that the cyberattack would not impact salary transfer procedures.
The Rhysida Ransomware Gang
This notorious cybercriminal gang arose in May 2023 and came to the limelight after attacking the Chilean Army and leaking its data. The Rhysida ransomware gang is said to have attacked various healthcare organizations, including Prospect Medical Holdings. The gang demanded 50 Bitcoins, worth $1.5 million, for not selling the stolen data. The Rhysida ransomware gang stole 500,000 social security numbers, corporate documents and patient records.
ALSO READ: Indians Prefer Bahrain for Vacations and Weddings
This group has also targeted government entities, such as the government of Martinique. According to Quorumcyber, exploitation by Rhysida ransomware results in the encryption and exfiltration of significant quantities of data held on compromised systems.
Its demand for ransom depends on the value of the organization or government it attacks.