Cyber Incident Victim: Instituto Nacional de Vigilancia de Medicamentos y Alimentos
Date:
Oct 2022
Location:
Colombia
Summary
A cyberattack targeted the technological platform of a national regulatory institute, causing widespread unavailability of information and external applications. This incident followed a previous attack earlier in the year, exacerbating operational disruptions that halted critical services including certification processes, port inspections, and quarterly safety reporting. Public frustration escalated due to prolonged delays in resolving these issues, with stakeholders criticizing the institution's cybersecurity preparedness and lack of effective contingency measures. Users reported months-long setbacks in administrative procedures, highlighting systemic vulnerabilities and insufficient recovery efforts following the initial breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 4 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 3, 2022, Colombia's National Food and Drug Surveillance Institute (INVIMA) publicly disclosed a new cyberattack targeting its technological platform, which resulted in the unavailability of critical information systems and external applications. The incident disrupted essential digital services, preventing stakeholders from accessing regulatory functions such as certification requests, sanitary registrations, and pharmacovigilance reporting. Users immediately reported widespread operational paralysis, with multiple comments citing an inability to submit mandatory quarterly reports (tecnovigilancia), inspect goods at ports, or track registration applications. This outage compounded existing frustrations, as some users indicated they had already endured eight-month delays for certifications due to a prior cyberattack earlier in 2022. Public reactions highlighted severe dissatisfaction with institutional preparedness, with commentators noting this was the second major breach within a year and criticizing the lack of contingency plans to maintain services during disruptions.
The attack exacerbated systemic challenges within INVIMA’s operational framework, as users reported extended processing delays affecting consumer safety and trade activities. Stakeholders, including pharmaceutical regulators and import/export professionals, emphasized cascading impacts, including halted inspections and unresolved cases pending for over six months. Comments specifically cited financial losses due to INVIMA’s fee structures and alleged underinvestment in cybersecurity despite revenue collection. No technical details about the attack vector, threat actor, or data compromise were disclosed in the announcement. INVIMA did not outline remediation timelines or alternative procedures for urgent requests, leaving users to demand temporary reinstatement of in-person services. The incident underscored institutional vulnerabilities and eroded public trust, with multiple commentators questioning INVIMA’s capacity to safeguard critical health regulation infrastructure.