Trinidad and Tobago social security agency hit with post-Christmas ransomware attack

A key government agency in Trinidad and Tobago said it was hit with a ransomware attack that will limit its operations for at least the rest of the year.

The country’s National Insurance Board (NIBTT) — which runs the nation’s social security system serving more than 630,000 people — wrote that all offices will be closed from Wednesday to Friday due to a recently-discovered ransomware attack.

“The company is currently assessing our systems after having experienced a ransomware attack on Tuesday, December 26. All steps are being taken to protect our data integrity and technology hardware,” NIBTT said in social media messages to the public.

“We are also continuing to diligently work with our external technology partners to expeditiously resolve this matter. The NIBTT has reported the incident to the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) under the Ministry of National Security, and we are working with this team toward a resolution.”

The organization provides cash and check payments to more than 40% of the country’s population as insurance “against the economic and social distress caused by loss of earnings arising out of work-related injuries and other contingencies.”

The NIBTT did not respond to requests for comment about which ransomware group was behind the attack and whether a ransom had been issued. Trinidad and Tobago’s justice department was attacked by a ransomware group in July, paralyzing the country’s court system for weeks.

Following that attack, court documents could not be served electronically and lawyers for the government said they were unable to access their email accounts or critical documents for upcoming trials. Shortly before the attack was officially announced, the TT-CSIRT published an advisory urging all organizations to “take the necessary precautions to mitigate against rising ransomware attacks in Trinidad and Tobago.”

The country’s largest supermarket chain was also shut down due to a ransomware attack in 2022.

Multiple Caribbean island nations were battered throughout 2023 by ransomware gangs eagerly exploiting governments without the cybersecurity infrastructure to defend critical systems.

In addition to Trinidad and Tobago’s July attack, Bermuda, Martinique, the Dominican Republic and Guadeloupe all faced off against ransomware gangs in 2023.

Costa Rica — a Central American country along the Caribbean Sea — dealt with a wide-ranging incident affecting several parts of its government. The headline-grabbing damage caused by that incident spurred U.S. efforts to expand the Counter Ransomware Initiative to nearly 40 countries and the European Union.