Embassies' server suffers cyber attack

Unauthorised software was yesterday identified by the Information Security and Risk Management Department of the Malta IT Agency (Mita) on a server used for the storage of user credentials of personnel in Maltese embassies abroad. This unauthorised...

Unauthorised software was yesterday identified by the Information Security and Risk Management Department of the Malta IT Agency (Mita) on a server used for the storage of user credentials of personnel in Maltese embassies abroad.

This unauthorised software was identified by security monitoring and alerting tools which have been recently implemented by the agency within an overall framework of security tightening.

Immediately upon detection Mita requested its US-based IT security advisory firm to provide it with an assessment of the potential breach based on the evidence collected by Mita.

The preliminary analysis indicated that the said software had the potential to extract user names and passwords on the embassies server only.

Analysis and assessments of any evidence of similar attacks on other servers was carried out with no such evidence resulting. In the meantime, more assessments were being carried out, Mita said

It said that although it had no evidence that any breach had occurred, to ensure absolute safety of the integrity of data in its responsibility, Mita throughout last night carried out an operation which entailed the disabling of all accounts of users on the said servers and users occupying sensitive positions.

Although currently there was no indication whatsoever of a breach on the servers hosting the user credentials of people in sensitive positions, this preventive measure ensured that these users were not exposed to unnecessary risks.

The rest of the users would be requested to change their password credentials to close out even the most remote risk.

The detection of this attempted breach and the neutralisation of its potential impact was possible following a series of investments made in the recent months by Mita, including the deployment of intrusion prevention systems, tighter policies and stronger password storage technology.

As a direct result of these measures, the length of time required for a perpetrator to decrypt a password is significant and well beyond the short period of time within which the said accounts may have been possibly exposed.

In the meantime, Mita was currently communicating the state of play to all the IT services users in the government and wasworking through chief information officers in ministries and public sector entities to ensure that users were made aware both of the incident and also of the preventive action taken by Mita to safeguard their information security.

In the meantime the concerned server has been isolated and the police have been informed.

Sign up to our free newsletters

Get the best updates straight to your inbox:

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.