After about two months of the cyberattack suffered by the National Institute for Drug and Food Surveillance (Invima), the entity announced that it will resume its procedures and services, after these were largely affected by the technological contingency.
As detailed by the entity, since this Friday, April 1, all actions, processes and responses to orders and replenishment resources by Invima are also resumed.
Users may file their procedures through the Institute's website www.invima.gov.co, through the 'Virtual Office', where they can make online payment for these processes and subsequently “refer to the communication channels through institutional emails”.
Likewise, Invima clarified that, “the administrative measures adopted by resolutions 2022500000 of February 9, 2022, 2022500001 of February 15, 2022, 2022500002 of February 22, 2022, 2022500003 of February 25, 2022, 2022500005 of March 8, 2022 and 2022500009 of March 16, 2022, in force until 31 March 2022 march 2022, were implemented in order to ensure the provision of services provided by Invima.”
Therefore, the Institute specified that these administrative measures did not imply either the suspension, extension or extension of the validity of health permits, registers and/or notifications, nor did they mean any modification of current regulations.
Invima also indicated that these measures also did not affect the modification of the “shift system provided by the entity according to the needs of the service”, in order to deal with procedures, requests, complaints, complaints or complaints by users.
“The validity of health registrations, permits or notifications, the renewal of which has been requested before Invima within the legal opportunity and with the fulfillment of the requirements provided for this purpose, shall be deemed to have been extended until the administrative acts of a particular and concrete nature that resolve in substance the renewal applications,” the Institute added.
According to Invima, at the moment each address of the entity is taking appropriate actions in order to avoid affecting the rights of users whose permissions, registrations and/or health notifications are being renewed, following the cyberattack.
“Since it is not necessary to adopt additional administrative measures, to date, Invima will not issue other resolutions for this purpose,” concluded the entity, reiterating its commitment and that of the competent authorities to overcome the cyberattack of which Invima was the victim.
It is worth remembering that Invima's systems were hacked on February 6 with a computer virus known as Blackbyte, which caused the blocking of its website and, therefore, export and import certificates and one-stop shop for foreign trade, among other services.
Regarding the case, the cybersecurity expert from the Central University, Frederick Nicolai Ferro, explained in dialogue with RCN Radio that the objective of these malicious software was to exploit the vulnerability of private websites or the national government, in order to hijack information and subsequently request money to return it.
“When we talk about hijacking, it means that you have to pay money that is for Bitcoin and these ransomware affect systems that have not been updated correctly with operating system patches,” the cybersecurity specialist told the same media outlet.
Invima, for its part, assured that, although the cyber attack affected the platforms where they carry out their administrative procedures and health records, there was no theft of any type of information.
KEEP READING