The government officials in Argentina were forced to close the border crossing activity for a few hours on August 27, 2020, as the Comprehensive Migration Capture System servers (SICaM) were targeted by a ransomware attack.
Highly placed sources say that Netwalker ransomware spreading gang was the one that targeted the Immigration Agency in Argentina and government officials say that the cyber criminals were demanding $2 million as payment to free up the data from the file encrypting malware.
Hackers have posted a portion of stolen files onto the dark web yesterday to create pressure on the victim and increased the ransom to $4 million- double the previous amount.
Direccion Nacional De Migraciones said that they have no intention to bow down to the demands of hackers as they are thinking to restore the data from backups.
Coming to the second news trending on Google and related to Ransomware, the US Election Infrastructure is vulnerable to ransomware attacks. NTT LTD revealed this in its Global Threat report released in September and the firm added that all voting machines, postal services and the servers related to Poll results were vulnerable to malware attacks that could be launched by adversary nations.
“Cyber Attacks against the election infrastructure of US can be launched by any threat actor seeking monetary benefits and the stakes are high for this year’s presidential elections”, says the report.
NTT claims that obsolete technology including hardware and software can help the hackers create voter apathy and can prove as a negative addition to the ongoing COVID 19 crisis where most of the digital work is been carried by remote workforce.
Third, the ransomware news is related to BancoEstado, the 3rd largest bank in Chile that was hit by a ransomware last Friday making the bank officials shut down all digital operations in all the bank branches across the state.
Revealing the same through the bank’s Twitter account, the bank CEO apologized to what has happened and assured that all measures to prevent such incidents in future will be taken.
According to a source reporting to Cybersecurity Insiders, REvil Ransomware aka Sodinokibi ransomware was behind the incident and the malware entered the bank network through a malicious office document circulated through a phishing email.
However, the banking portal, app, website and the ATM services remained unaffected with the attack and only the administrational level of operations seem to be impacted.