Last Friday, a hack of the Brazilian Health Ministry’s servers brought the department’s DataSus platform off the air, causing vaccination records and Covid-19 case and death logs to disappear. The government stresses that no data has been lost, but vaccination platforms are still down almost one week later.
The most immediate effect of the hack was that the Bolsonaro administration had to postpone measures to enforce five-day quarantines for unvaccinated individuals arriving in Brazil from abroad. Those immunized in Brazil lost all access to their online vaccination certificates, having to rely instead on paper records.
But the story wasn’t done yet. On Monday, hackers struck again, taking the Health Ministry’s intranet, department emails, and telephone networks off the air. Employees were unable to log in and update information about the Covid-19 pandemic, or respond to demands from state health authorities.
And it’s not as if hackers hadn’t given advance warning. Back in February, a group of cyberattackers broke into the Health Ministry home page and left a caution for the Brazilian government. “This site remains absolutely shit and nothing has been done to correct it,” read the message. In their second attack, they warned once again: “fix this crappy website or next time, the details of those responsible for this mess will be exposed.”
But cyberattacks are nothing new in the country. In 2014, hackers used a phishing attack to break into the Foreign Affairs Ministry’s internal communication syste, seizing cables, mailing lists, passwords, and other data from authorities in Brazil and abroad.
Cybersecurity has proven to be so complicated for Brazilian institutions, that some might argue the only solution is going back to the trusty old paper trail! Well, perhaps not…