The government of Kuwait is grappling with a ransomware attack that began on September 18, primarily affecting its Ministry of Finance. In response, officials took immediate action to isolate and shut down affected systems.
Furthermore, they reassured employees that payment and payroll systems were on a separate network, minimizing concerns about payment disruptions. Kuwait’s National Cyber Center has been working tirelessly to address the issue, enlisting the help of cybersecurity firms and undisclosed governments. The attack was attributed to the Rhysida ransomware gang, who imposed a seven-day deadline for the Kuwaiti government to pay an undisclosed ransom.
The Ministry of Finance has emphasized that all data related to government workers’ salaries and financial transactions are securely stored in their systems, and government agencies continue to operate without major disruptions.
The Rhysida ransomware gang has gained notoriety for its recent attack on Prospect Medical Holdings in the United States, which forced the redirection of ambulances due to the incident’s impact. This group has targeted government systems in several countries, including Chile and Martinique. Kuwait, a nation with over 4 million residents in the Persian Gulf, is the latest government to fall victim to a ransomware attack.
Coincidentally, other governments, such as Colombia and Bermuda, also reported ransomware attacks in the same week, affecting services and operational capabilities.
These developments align with the U.S. National Security Council’s call for governments worldwide to pledge not to pay ransomware hackers. It’s worth noting that Kuwait experienced ransomware attacks targeting several Ikea outlets last year, with some researchers suspecting connections between the Vice Society ransomware gang and Rhysida.