Cyber Incident Victim: Ministerio de Relaciones Exteriores de Guatemala
Date: Sep 2022
Location: Guatemala
Summary
The Guatemalan foreign affairs ministry suffered a ransomware attack by the Onix group that compromised 49 websites and subdomains, including its main domain and its digital services platforms, which were temporarily suspended. The attack encrypted and corrupted files, with larger files rendered irrecoverable even after a ransom payment; the group's destructive tactics caused significant operational disruption, though the ministry did not disclose specific impacts or ransom details.
Description
The Guatemalan Ministry of Foreign Affairs (Minex) experienced a cyberattack beginning on September 19, 2022, with initial disruptions manifesting as failures across its public-facing website. By September 27, the incident escalated to compromise approximately 49 domains and subdomains under Minex administration, including its primary domain and specialized platforms such as the AdA project's virtual library—a collaboration with the European Union—which was rendered offline. Digital services portals like serviciosenlinea.minex.gob.gt became temporarily inaccessible, suspending citizen-facing functions. Cloudflare provided security infrastructure for Minex’s web properties, performing request analysis and access control, though the specific protective services engaged by Minex remained unidentified. Technical indicators suggested server-level compromises affecting hosted sites, though internal Minex systems potentially accessible only via VPN showed unclear status—unconfirmed whether impacted or intentionally isolated.

The attack was attributed to the Onix ransomware group, a recently emerged threat actor employing destructive encryption tactics. Onix’s malware selectively encrypted files under 2MB while corrupting larger files beyond recovery, even with decryption keys—a deliberate data destruction strategy diverging from typical ransomware profit motives. The group listed Minex among six victims on its leak site by September 27, though Minex issued no official statements regarding operational impact, ransom demands, or data recovery efforts. Parallel regional incidents included a September 30 attack on Mexico’s Secretaría de la Defensa Nacional by "Guacamaya" hackers and Costa Rica’s April 2022 Conti ransomware campaign, though these were distinct from Minex’s breach. Guatemala’s foreign ministry maintained silence on remediation progress or collateral damage as of the report date, with Bloomberg Línea awaiting responses to formal inquiries.
