Navigating a ransomware attack: lessons from Colombia

Corporación Cambio Sostenible (CCS), a non-profit organization dedicated to sustainable development and social equity in Colombia, recently faced a significant challenge. Their cloud provider, IFX Networks, was attacked by ransomware. This attack, allegedly orchestrated by the Ransomhouse collective, targeted key websites across Colombia and Chile. The aftermath left CCS grappling with the loss of crucial data, feeling the threat of cyber criminals online, and the daunting task of rebuilding their digital infrastructure.

However, amid the chaos, they found a glimmer of hope through the support of our Digital Defenders Partnership (DDP), which enabled them to not only recover but also strengthen their cybersecurity measures.

The ransomware attack on IFX Networks had devastating consequences for CCS. As a service provider to social organizations, they stored huge amounts of sensitive data on their cloud platform. CCS works with three pillars: the promotion of human rights through advocacy, social inclusion of underrepresented communities, and the promotion of sustainable environmental development. Due to the nature of their work, including close ties with activists and the LGBTIQ+ community, they were processing sensitive data. The attackers targeted this data, including agreements, bank account details, and contracts. CCS lost access to their website, emails, contacts, and databases, which jeopardized their ability to support the marginalized communities they serve. Kenny Stiven Espinoza Velásquez, Director of Programs and Projects for CCS, said, “It’s very costly for a non-profit organization to risk suffering these attacks – the risks can’t be ignored and we must be proactive.”

Team from Cambio Sostenible
Team from Cambio Sostenible presenting the panel titled “Violations of digital human rights in women and young LGBTIQ+ individuals in Colombia.” L to R: Kenny Espinoza, Diana Carolina Prieto, and Laura Daniela Jiménez. Photo: Communications Team of the Colombian Internet Governance Forum

Response and support

Without a solution or support from Colombian authorities, CCS found a lifeline through DDP. The program supported them with resources for both the short and the long term. Kenny explained that, “Thanks to the DDP, we were able to migrate our website to a [more secure] cloud provider […] as well as acquire external hardware equipment to maintain backups, bring in experts to train our team to respond to these attacks, and develop an organizational cybersecurity policy.” DDP’s support not only helped CCS recover from the initial damage of the attack, but also helped them boost their digital resilience for the future.

Cultural exchange meeting organized by Cambio Sostenible with Antonio Nariño University under the Erasmus+ project “From Migration to Integration.” Photo: Francisco Javier Rigual

Challenges and lessons learned

The ransomware attack exposed the particular vulnerabilities faced by non-profit organizations operating in the digital space. The frequent lack of adequate support from authorities and the high costs of cybersecurity underscore an urgent need for better preparedness and response mechanisms. Moreover, targeting organizations like CCS, which serve marginalized communities, highlights the ethical implications of cyberattacks and the importance of safeguarding sensitive data. This is why DDP’s mission is to provide a holistic response to digital threats and create resilient and sustainable networks of support to human rights defenders.

About Digital Defenders Partnership (DDP)

DDP, managed by Hivos, is an emergency grant mechanism for digital activists under threat launched by the Freedom Online Coalition in 2012. It provides a holistic response to digital threats and creates resilient and sustainable networks of support to human rights defenders.