The Spanish government agency for labor has been attacked by Ryuk ransomware and following the attack, more than 700 agency offices throughout Spain have been affected. The agency’s website stated they are currently working on restoring priority services as soon as possible. The agency ensures that confidential data is safe, and the payroll systems were not affected by the attack. The attacks spread from the agency’s offices and began to infect workers computers at home before it was contained. Ryuk is a Ransomware-as-a-services group that has been active since 2018 and accounts for almost one-third of the total number of ransomware attacks in 2020.
Ryuk is a ransomware group that allows affiliates to apply online to be accepted into the group as part of a membership. By doing this, the group can ensure that they have a steady stream of attacks being carried out at once and maximizing their profits by preying on many victims. Any company or organization is at risk for ransomware attacks. The Spanish labor agency is not a high-profile target that would likely have expected to be crippled with ransomware. Because ransomware operators are acting at such a high rate and targeting every industry globally, everyone needs to be on alert and have the proper plan in place. Binary Defense suggests pairing anti-virus solutions with Endpoint Detection and Response (EDR) and a continuous monitoring and response service such as the managed security service that is offered at Binary Defense. This, along with other measures like employing phishing training and awareness, can give organizations the best chance at defending their data. Having a regular backup schedule and disaster recovery plan are both important for organizations to get back to full operation quickly if an attack occurs.
More can be read here: https://www.bleepingcomputer.com/news/security/ryuk-ransomware-hits-700-spanish-government-labor-agency-offices/