The newly elected government in Pacific island nation of Vanuatu encountered a serious problem from the very first day of its term on Nov. 6 — no one could use their government email accounts.
But then the situation got worse. Much worse.
Officials could not use any government computer services, from renewing a drivers' license to paying taxes or accessing medical and emergency information.
They were forced to turn to 20th century technology — pen and paper.
That's a major problem in a nation where the population of around 320,000 people is distributed across dozens of islands north of New Zealand.
"Imagine if in the U.S. or the U.K. or Australia, a new government has started and there's a whole changeover ... you can't even allocate email addresses to your new staff, you can't coordinate what's happening between ministers," Glen Craig, managing partner of the consulting firm Pacific Advisory, told NPR in a phone interview.
"We're the first country in the world that this has happened to. ... It's not a good time in Vanuatu, I can assure you," continued Craig, who also serves as chairman of the Vanuatu Business Resilience Council.
After more than three weeks of working on the problem, Prime Minister Alatoi Ishmael Kalsakau told local news outlets Wednesday that services were 70 percent restored.
However, the disruption continues.
Vanuatu's government officials first discovered suspicious activity on their networks, many of which are centrally connected, on Nov. 6. They revealed the breach to local media several days later, but have so far been fairly tight lipped about the extent of the damage, the possible culprits, and what's being done to recover service.
Some sources have suggested the attack was ransomware, in which cybercriminals break in and take data hostage in exchange for payment, though the government has not officially confirmed whether that's the case or addressed whether a ransom payment was made.
Vanuatu officials did not respond to NPR's requests for comment.
Although Vanuatu is not the first government to be targeted by a disruptive cyberattack, the length of the outage and the level of disruption may be unparalleled.
Additionally, the attack could be important geopolitically. Vanuatu is officially neutral, and maintains relationships with Western allies such as Australia as well as China. U.S. officials frequently describe China and its growing global influence as a key national security challenge.
The Australian government is on site helping local officials. Pat Conroy, Australia's minister for international development and the Pacific, told Vanuatu Daily in late November that Australia "sent in a team to assist with that disgraceful cyberattack and the response."
Cybercrime has become a global issue, costing governments and private companies billions of dollars through ransomware, extortion, email scams, and lost business.
Cybersecurity experts who have spoken with NPR in recent months have speculated that a strong response from the U.S. government to criminal cyberattacks in recent years may have prompted cybercriminals to shift their attention elsewhere. That includes recovering millions in Bitcoin ransoms and depriving cybercriminals of some of their profits, such as when the Department of Justice seized $2.3 million, about half, of the ransom paid by Colonial Pipeline to hackers in May 2021.
Other strategies include heavily publicizing intelligence on cybercrime, helping victims recover their files rather than pay ransoms, and extraditing cybercriminals from overseas to be tried in U.S. courts.
The Pacific region has been battered with an increased number of attacks recently, from a breach on Australian Telecom giant Optus, which exposed millions of sensitive Australian health records, to a ransomware attack on Papua New Guinea's government pay systems in October 2021. Australia's Cyber Security Centre reported in November that it received 76,000 cybercrime reports in the 2021-22 financial year, which ended in June.
It wasn't until Wednesday, that Prime Minister Kalsakau spoke about the breach in any detail. According to the Vanuatu Daily Post, he said partial access had been restored to government financial services, health procurement data, immigration and passport data, and, perhaps most importantly, emergency lines for ambulances, the fire department, and the police.
"In this recovery work, we are building back our government networks better and safer," Kalsakau is quoted as saying. "We are bringing systems online in a secure and contained environment with strengthened safeguards to ensure there is no risk of re-infection."