(Bloomberg) -- Papua New Guinea’s finance department has been hit with a ransomware attack, locking access to hundreds of millions of dollars in foreign aid money, according to people familiar with the situation.
The attack on the Department of Finance’s Integrated Financial Management System (IFMS) occurred last week, the people said. The IFMS consolidated the Pacific nation’s budget and accounting for all tiers and departments of government onto a platform. It controls access to funds for the government, which is heavily reliant on foreign aid.
Employees in the accounting department of one ministry confirmed to Bloomberg that the system was down, and that the Department of Finance told them it was working on it but didn’t explain the cause.
The attackers have demanded Bitcoin in ransom, the people added, who requested anonymity to discuss confidential government affairs. They didn’t disclose how much Bitcoin was being sought.
The office of the prime minister, the department of finance and the office of the minister of communication and information technology didn’t respond to calls and emails requesting comment.
The government’s network systems have several critical vulnerabilities that would have allowed the attackers to breach networks, the people said.
In one example, earlier this year Microsoft Corp. warned its customers of vulnerabilities in its business email software and urged them to install the patches that would address the flaws. Servers for departments and agencies in Papua New Guinea’s government remain exposed to such an attack, according to a scan using the Shodan search engine, which tracks malware and malicious activity across the internet. The scan was conducted by one of the people familiar with the situation.
In ransomware attacks, hackers encrypt a victim’s computer files and then demand payment to unlock them. Ransomware attacks have been increasing rapidly in recent years, targeting school districts and cities, hospitals and businesses across the globe.
Papua New Guinea is located in the southwestern Pacific Ocean on the eastern half of New Guinea, the second largest island in the world. The government has been heavily reliant on its partners in the region for economic and technological assistance, with China and Australia competing for influence. The island nation has struggled to control Covid-19, with a little more than 1% of the population fully vaccinated. Robert Potter, co-chief executive officer of the cybersecurity firm Internet 2.0, has provided services for Papua New Guinea’s government as part of his work with the Australian foreign ministry. “This is pretty shameful, to exploit a developing economy’s critical infrastructure in the midst of a pandemic,” he said.
Papua New Guinea’s financial issues have prevented it from building a capable cybersecurity environment, said Jonathan Pryke, director of the Sydney-based Lowy Institute’s Pacific Islands Program.
“The PNG systems are so vulnerable already, and Australia is trying to come into this space and provide its own security and infrastructure. But the reality is I think the horse has bolted on this one,” he told Bloomberg News. “The systems are so exposed anyway that you really have to start over from the bottom up and that would be a huge investment. But in the pantheon of PNG priorities, it’s nowhere near the top.”
©2021 Bloomberg L.P.