On August 27th, Unidad Fiscal Especializada en Ciberdelincuencia, the cybercrime agency in Argentina, was alerted to a security incident after multiple border checkpoints called in and needed support. After analyzing the situation, the cybercrime agency filed a criminal complaint. A portion of the complaint, translated to English, stated ”…it was not an ordinary situation, so it was evaluated the situation of the infrastructure of the Central Data Center and Servers Distributed, noting activity of a virus that had affected the systems MS Windows based files (ADAD SYSVOL and SYSTEM CENTER DPM mainly) and Microsoft Office files (Word, Excel, etc.) existing in users’ jobs and shared folders.” To avoid the spread of the virus, immigration offices and border control offices had their networks shut off, which caused a four-hour stop of people crossing the borders. The ransomware believed to have been used is Netwalker, and the initial extortion payment requested was $2 million USD. After a week, the payment was upped to $4 million USD. What’s interesting though is government sources have said, “they will not negotiate with hackers and neither they are too concerned with getting that data back.”
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.