RANSOMWARE CYBER ATTACK ON M.W.T.I. CLARIFICATION

APIA, August 25, 2021/Press Release — The Ministry of Works, Transport and Infrastructure
(M.W.T.I.) has successfully recovered files that were infiltrated in a cyberattack by
Ransomware on 2 and 3 of August.
The M.W.T.I. Chief Executive Officer (C.E.O.), Magele Hoe Viali said the cyberattack infected
a total of eight computers in the Ministry; four of those belong to the Transport
Infrastructure Coordination Sector team.
Magele confirmed that all files have been recovered, however, investigations continue in
efforts to pinpoint where exactly the attack came through.
Fortunately, due to quick action by the Ministry I.T.s, the Ransomware attack was confined
to a few computers. However, a ripple effect was felt throughout the Ministry as the
technical team unplugged the whole system to prevent the cyber-bug from spreading.
Magele clarified that the cyberattack by Ransomware did not “delete” or “wipe out” critical
files as mentioned by media articles.
Ransomware is a type of malware designs to encrypt a victim’s files on a targeted device,
making any infected files or system to be unusable, as hackers demand ransom in exchange
for the key to decrypt the files.
He acknowledged the various team of expertise that assisted in the deciphering and
recovery of important Ministry files.
Magele admits that there was miscommunication between himself and the head I.T. at the
Samoa Airport Authority (S.A.A.) that led to his belief that the Authority was also affected.
Additionally, the Ministry Chief clarified that the Ransomware occurrence is separate from a
virus that breached the Ministry email server, Microsoft Exchange.
Whilst the Ransomware attacked in August, the Ministry email server experienced technical
issues since June and has since been resolved.
“The M.W.T.I. had a server backup (Microsoft Exchange), but starting in June, we weren’t
able to back up any files due to the said virus,” Magele said.
“This virus is separate from the Ransomware. Whilst Ransomware attacked our files
recently, the virus infiltrated our emails. We have since moved on to a cloud-based server.

“This is a very large Ministry; it consists of the Land Transport Division, the Aviation Division
whom are in constant contact with International Civil Aviation Organization while the
Maritime division liaises with International Maritime Organization.”
It suspected the virus may have entered through a phishing email.
Magele also rejects the political motive suspicions behind the cyberattack saying the new
Minister, Honorable Olo Fiti Vaai, had already been in office two weeks before it hit while
the email server had been down a month prior to his entry.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.