What has not been said about the cyber attack on INAI?

What has not been said about the cyber attack on INAI?

In recent times it was clear first, then public and then official, that the National Institute for the Information and Protection of Personal Data’s Data Platform (INAI) serious problem was occurring. The recently released SISAI 2.0 on 13th September showcased the shortcomings and vulnerabilities. A few days later they learned that the organization had been the victim of “a form of exploitative attack or hack”. cryptocurrency

what does this mean?

First, it should be clarified that the new system was born as a technological advancement Finally to integrate and have the current single platform and inter-communication between states. The two structures coexisted for a long time, but they were not completely connected to each other.

There were surprises as opening hours passed: discrepancies, bug reports, and more and more problems began to crop up. The commissioners responsible for the new “iron” are Oscar Warning And Rule Juliet NS River.

The attack was finally officially reported last Monday. On Tuesday, in a plenary meeting, Commissioner Oscar Guerra assured that the information base was not at risk. However, some analysis of companies of Cyber ​​security attack on mining cryptocurrency Be warned that the malware makes lateral movements looking to compromise as many devices as possible, and installs “back” access doors to other types of devices. raid malicious.

INAI Plenary approved the postponement of deadlines and conditions to attend to requests in days of problems.

This Thursday, INAI ruled that everything was in order, but flaws, in facts, persist. In fact, many things remain untold:

See also  Touchless buildings: how technology helps fight coronovirus - Casa A. Zardim

• Nearly 4 billion records are at risk and we don’t know who, including statistics Individual.

•Feather INAI There Internal conflict (in almost any body) that in this case it is finding it difficult to process the information in a transparent manner inside and out and, therefore, a responsible and prompt solution is given.

• Explanations have varied all the time: first, it was common because system migration. Then there were optimization failures. Then a malware for cryptocurrency exploits. Next, Malware Denial of Services (Ddos). This has contributed to confusion and failure to establish an actual action plan.

• The main problem with this attack is that it not only uses the processing resources of victim server, it can be used for other equipment of the company or a . can be extended to visitors of venue infected web.

• Internal managers fear what is happening right now. Some of the heads of INAI do not have precise technical knowledge about what is happening.

• Institute is also responsible for Protection of personal data. any negligence in the act Individual cybernetic This may jeopardize your legitimacy.

• Make use of the organization’s infrastructure exploitation of digging of money digital It is not done for just one day and it ends there. Experts assure that this is a process that takes a long period of time and that some system changes are visible. In other words, the attack could have lasted for months.

• At that time no one saw or decided not to see, one’s intrusion malware Since long time ago.

See also  "Get viber, I can't open Gmail ...": People don't mess up apps

• There is no legal process against those responsible.

If INAI admits that there was a problem and does not do more, it appears that the authority has registered run over And in the end you don’t know who it was, what vehicle it was from, or what was wrong with the signage.

I don’t want to add any more worries to my days, but I’m sorry, I must say: Yes, we should be worried.

LEAVE A REPLY

Please enter your comment!
Please enter your name here