Spanish companies’ networks shut down as result of ransomware

by
Sean Gallagher
from Ars Technica - All content on (#4TNGH)
GettyImages-1160320235-800x418.jpg

Enlarge / Spanish broadcaster SER was hit by a ransomware attack on the morning of November 4, 2019, as was Spanish tech services firm Everis. (credit: OSCAR DEL POZO / AFP via Getty Images)

A targeted ransomware attack has taken down the networks of at least two companies in Spain today, sending ripples across other companies as they moved to defend themselves. The targets included Everis-a major IT services and consulting subsidiary of Japan-based global communications company NTT-and the radio company Sociedad Espanola de Radiodifusion (Cadena SER). A technician at one company told Spanish broadcaster ABC, "We are in hysteria mode."

Some other companies-including Spanish airport operator Aena-took down some of their services as a precautionary measure. They did so in part because Everis has staff on site at many Spanish corporations. But the attack may have affected other companies as well, though no others have publicly acknowledged the ransomware.

The ransomware appears to be a variant of the BitPaymer family that is connected to the Dridex group of malware, according to security researcher Vitali Kremez and others who have analyzed the attack.

Read 3 remaining paragraphs | Comments

index?i=GKN_KDG119M:GXPUK34p1_Y:V_sGLiPB index?i=GKN_KDG119M:GXPUK34p1_Y:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments