Ransomware hackers attacked and successfully breached the defenses of Argentina’s immigration agency. However, Argentinian government officials appear to be unwilling to negotiate with the cybercriminals who are asking $4 million in Bitcoin (BTC).
The attack happened on August 27, 2020, when the hackers breached Argentina’s immigration agency, the Dirección Nacional de Migraciones, according to Cointelegraph. The hackers gained control of the agency’s files which caused a brief closure of all immigration checkpoints on that day.
As proof that they are responsible for the hack, the group posted a batch of sensitive date from the agency. The group initially asked for $2 million as payment to restore the agency’s servers but they later increased their demand to 355.8718 Bitcoin, which is equivalent to around $4 million.
Because of the ransomware attack, all border crossings into and out of Argentina were halted for four hours, according to the local news outlet Infobae. All computer networks used by Dirección Nacional de Migraciones’ checkpoints and regional offices were taken offline by authorities.
The publication added that officials do not intend to negotiate with the hackers. It appears that the government has given up retrieving the data stolen by the ransomware group as officials said that “they will not negotiate with hackers.”
“In the case of government departments, this is particularly problematic as the data can often be extremely sensitive, and in some cases even represent a risk to national security,” Emsisoft threat analyst and ransomware expert Brett Callow said. “More than 1 in 10 ransomware attacks now involve data theft, and the list of groups which routinely steal is steadily growing. Consequently, it’s very likely that incidents like this will become more and more common.”
Aside from Argentina’s immigration agency, ransomware hackers also attacked another Latin American target recently. One of Chile’s biggest banks, BancoEstado, had to shut down its branches on Monday due to a ransomware attack, according to ZDNet.
“Our branches will not be operational and will remain closed today," BancoEstado wrote on Twitter. The attack happened over the weekend when the bank’s system was infected with the REvil (Sodinokibi) ransomware.
Fortunately, the bank segmented its internal network which limited the hackers’ access. As a result, BancoEstado’s ATMs, mobile apps, website, and banking portal were not affected by the hack.
Comment 11