News
Around 18,000 computers were infected over the weekend in one of the country’s largest ever hacking incidents
Despite a general decline in ransomware attacks globally, attacks are still a major threat to telco operations around the world.
Over the weekend, Telecom Argentina has found themselves embroiled in the latest security battle, with ransomware reportedly affecting around 18,000 of their workstations.
Now, the offending party, known as the REvil group, is demanding 109,345.35 Monero coins – a form of cryptocurrency – worth around $7.5 million, in order to decrypt the files affected by the ransomware. This fee, if left unpaid, is set to double after three days.
Typically, this ransomware group will also threaten to leak the data stolen from the host networks, though it is unclear if that is also the case here.
While the incident is not directly affect the ISP’s ability to deliver internet connectivity, telephony, or TV services to its customers, many of its websites have been taken down since the attack took place.
Telecom Argentina has yet to comment as to whether it intends to pay this ransom.
Exactly how the REvil group gained access to the ISP’s network is unclear, though it seems likely to be through their Citrix VPN servers, which the ransomware group has compromised in the past.
This is not the first cyber attack the REvil hackers have performed in the telecoms world in recent months. Back in May, Sri Lanka Telecom had some of its internal systems impacted by an attack by the group, but quickly confirmed that no customer information was compromised.
A similar ransomware attack hit Orange at the start of this month, reportedly exposing the data of 20 of their enterprise customers.
Experts suggest that greater cybersecurity measures must be put in place to defend against this form of attacks, including a layered strategy to protect against credential stuffing, exploitation of unpatched systems, and the phishing emails which are the main access points for the malware. Ransomware may be in decline, but these attacks can still be devastating and telcos must remain ahead of the game if they are to keep their data safe.
Also in the news:
Reliance Jio wants spectrum to trial homegrown 5G
Ericsson to deliver core solutions for SoftBank’s standalone 5G networks
No hard feelings: TIM’s decision to exclude Huawei from 5G core not politically driven
