This Wednesday (12), Rodrigo Cruz, executive secretary of the Ministry of Health, clarified the cyber attack that took place on the portfolio’s systems in early December 2021.
In a live broadcast on Facebook, he says that there is no “blackout” of information.
“I don’t consider it a data blackout. First, because the ministry always received the information, we didn’t receive it for a while, but as a priority the ministry restores these systems.”
The data affected by the cyber attack involved death records, vaccinations and Covid-19 cases. Some platforms were down for days before being re-established.
The Executive Secretary of Health acknowledged that this information was all hosted in the cloud. So “the hacker accessed the storage and erased all that data,” he said.
“The good news is that the ministry had the backup, the company that stores the data had the backup and there was no loss of information”, announces Rodrigo Cruz.
The secretary said that “the Ministry of Health has constant invasion attempts, this was not an invasion of the website, but of the cloud.”
According to Cruz, the hackers obtained an access credential and, from there, they entered the ministry’s systems.
He explains the ministry’s choice to let some data be in the cloud.
“It would be more technologically interesting to leave them in the cloud for the exchange of information with states and municipalities, for the dynamics that this information needs to have”, he says.
In addition, Rodrigo Cruz points out that not only data from the ministry, but also customized systems were in the storage tool.
“It’s not like software that you erase and reinstall, when that software is destroyed we have to rebuild the system.”
He also states that all the information is restored, but that a period of restoration of the applications will be necessary to consult this data.
Order of priority of the ministry
According to Rodrigo Cruz, “the ministry worked on restoring data capture, to obtain the information. Secondly, in the dissemination of data to public bodies, workers and so that we can make it available to society in general.”
He points out that in each of these stages, companies contracted by the ministry were already working in an intense routine to restore the systems.
Affected platforms
In the broadcast, Rodrigo Cruz explained that the National Health Data Network (RNDS), a platform for integrating all data, so vaccination, death and case data, worsening and hospitalization data were on this platform.
The information is made available to everyone by ConectSUS, via DataSUS and others.
According to the secretary, the Sivep-Gripe data that brings hospitalization data, the e-SUS Notifica, which are platforms that bring information about cases, have already been restored since December.
“The vaccination data we will promptly restore. The expectation is that we will finish this on Friday (14) so that we can make the systems or the entire dissemination of data available to public bodies.”
Measures taken to prevent future attacks
The Executive Secretary of Health, says that the folder is making an update of all administration credentials and monitoring tools.
“We have improved access control, a more in-depth risk and vulnerability analysis of the main systems with specialists who understand the sector, an implementation of the information management committee in the Ministry of Health and the migration of the RNDS to a public company that has secure hires.”
remember the attack
The Ministry of Health website (www.saude.gov.br/) was hacked in the early hours of December 10, 2021 and went offline.
According to the message published on the address, “internal data from the systems was copied and deleted”.
All portals in the folder, such as “ConecteSUS” and “Portal Covid” were also affected and were unable to access.
The Lapsus$ Group, which claimed responsibility for the attack, said at the time that 50 terabytes of information had been removed from the system and was in the group’s possession. “Contact us if you want the data returned,” the message read.
Reference: CNN Brasil
