Argentina was forced to halt the border crossing owing to a major ransomware attack. As per the report published by a source on the 6th of September 2020, the National Migration Department of Argentina had to suspend their border crossing for four consecutive hours post an attack demanding ransom that had occurred back on the 27th of August 2020.
“The Comprehensive Migration Capture System (SICaM) that operates in international crossings was particularly affected, which caused delays in entry and exit to the national territory,” the National Directorate of Migration (DNM) stated.
“Being approximately 7 a.m. of the day indicated in the paragraph above, the Directorate of Technology and Communications under the Directorate General Information Systems and Technologies of this Organization received numerous calls from various checkpoints requesting technical support.”
“This realized that it was not an ordinary situation, so it was evaluated the situation of the infrastructure of the Central Data Center and Servers Distributed, noting activity of a virus that had affected the systems MS Windows-based files (ADAD SYSVOL and SYSTEM CENTER DPM mainly) and Microsoft Office files (Word, Excel, etc.) existing in users’ jobs and shared folders,” a translation of the complaint stated.
It was learnt that the hackers could gain access to the database and retrieve information from the federal agency taking the help of a powerful cryptovirus named “Netwalker”. This strain of the ransomware was first discovered in September 2019 that uses the sophisticated techniques for encrypting files with the AES cipher. In order to stop the ransomware from replicating itself on the other computer networks, they were forced to shut down.
Government sources told Infobae that “they will not negotiate with hackers and neither they are too concerned with getting that data back.”
In the beginning, the hackers had demanded a ransom of a $2 million worth of Bitcoin for unlocking the files, as stated by the dark web payment page that was linked to their ransomware note. In just one week, this sum had gone up to 355 BTC which is roughly around $4 million as estimated at the current exchange rates.
The immigration agency has refused to negotiate with the attackers and thus the extortion attempt is not going well. Although the agency has confirmed that none of the sensitive, corporate or personal information has been compromised so far while they are not at all concerned regarding decrypting the stolen data.
Back in July, the largest telecommunications company named Telecom Argentina had also become a victim of the Netwalker ransomware where the hackers asked for $7.5 million worth of Monero (XMR), which is a privacy focussed cryptocurrency. The attack prevailed for over three days but the telecom company was successful in restoring the access to the infected computers without having to pay the hefty ransom.
Another report states that the 5th largest travel company of America, named CWT had agreed to pay off $4.5 million worth of Bitcoin to the hackers of a ransomware back in late July.
Source: U Today
Disclaimer: Read the complete disclaimer here.