Share this article on:
Breaking news and updates daily. Subscribe to our Newsletter
Another Pacific nation has fallen victim to a ransomware attack, this time Tonga. Tonga Communications Corporation made the announcement on its Facebook page yesterday, and security researchers think they already may know the culprit.
TCC operates all of Tonga’s fixed-line connections, and about 70 per cent of its broadband and dial-up internet connections. The company employs 300 people and has branches in all of Tonga’s major island groups.
“Ransomware attack has been confirmed to encrypt and lock access to part of TCC’s system,” the Facebook post said. “This does not affect voice and internet service delivery to the customers, however, it may slow down the process of connecting new customers, delivering of bills and managing customers’ enquiries.”
“We are working with security companies to mitigate the negative impact of this malware.”
While Tongan authorities have not made announcements as to the culprit, security researcher Dominic Alvieri shared on Twitter that he believes that Medusa may be behind the attack.
“Medusa is back and allegedly breached Tonga Communications,” he tweeted.
If Alvieri is correct, and TCC has been targeted by the MedusaLocker ransomware, it’s very likely the initial attack vector was an email with a malicious payload.
Tonga’s Pacific neighbour Vanuatu was hit by a ransomware attack last year that caused widespread disruption across the island, especially impacting hospitals and communications. In the capital of Port Vila, local hospitals were forced to resort to pen and paper to request medicines, rather than sending emails.
We have reached out to TCC for more information.
Comments powered by CComment