A targeted ransomware attack has succeeded in encrypting the networks of at least two companies in Spain, with the impact extending far wider.
According to a report published by “Ars Technica”, the ransomware hit the IT services and consulting company Everis, an NTT subsidiary, as well as the radio company Cadena SER, amongst others. As a consequence, several other companies, such as the airport operator Aena, took the precautionary step of shutting down various services (one reason being that Everis staff are often based on site at their clients’ premises).
Following analysis of the latest attacks, security experts assume that the ransomware causing the damage is a variant of the BitPaymer family of malware and that it used Dridex as a vehicle to achieve a targeted infiltration of the companies’ networks. As with malware like Emotet (“Heise online” has just published a very instructive background piece [in German]), in the vast majority of cases the initial infection or penetration results from an email that contains either an infected document as an attachment or a link to download it.
At the same time, email remains an indispensable, business-critical medium for communication. That makes it even more important to safeguard corporate email by means of a highly sophisticated email security service. Specialist analyst firm the Radicati Group recently attested that Retarus’ Secure Email Platform provides added value for companies in the implementation of a comprehensive cyber security strategy, while especially highlighting Retarus’ Advanced Threat Protection (ATP), Post Delivery Protection & Real-Time Response, Forensic SIEM Integration and the brand new Email Continuity service.