Brazilian Superior Electoral Court hit by major cyberattack
The Brazilian Superior Court of Justice (STJ, in the Portuguese acronym) has been hit by a major cyberattack that will bring its operations to a standstill for an entire week.
The incident was detected on Tuesday (3) while several trial sessions were taking place. According to the STJ, a virus was found in the Court’s network and, as a precautionary measure, the links to the Internet were disconnected, prompting the cancellation of trial sessions. All the Court’s systems, including email, as well as the telephony set up, also became unavailable as a result.
STJ minister Humberto Martins released a statement yesterday (5) on the incident, stating that the attack did not affect the information related to the ongoing Court proceedings. According to the minister’s note, the invasion blocked access to data using encryption, but there were backups in place.
Later, it emerged that the attack had also impacted the Court’s backups in what is being described as the worst ever cybersecurity incident ever recorded in Brazil.
Alongside the Brazilian Army’s Cyber Defense Center and the STJ’s pool of technology suppliers, which includes companies like Microsoft, the institution is now working on the recovery of the systems environment, using tape backups.
All the STJ sessions, which had been taking place virtually, have also been suspended. According to the Court, only urgent casework is being dealt with while the recovery taskforce progresses and the expectation is that systems will be up and running on November 10.
A federal police investigation has been launched at the the STJ’s request. Brazilian president Jair Bolsonaro said in a live streaming session yesterday (5) that a ransom had been demanded by the authors of the attack and that the actors responsible for the event had already been found. However, this had not been confirmed by the police at the time of writing.
The STJ cyberattack follows the news on Sunday (1) that the Brazilian National Council of Justice was the target of “unauthorized access” to its servers.