Everis, a subsidiary company to NTT Data, as well as SER, Spain’s national radio station, are among the reported victims of a large-scale Ransomware attack in Spain, which took place earlier today. Currently, the specific Ransomware variant responsible for the attack remains unknown. The company’s whole network seems to be under the attack of the still-unnamed Ransomware virus. Currently, the clients of Everis are disconnected from the network as a precautionary measure to help prevent the Ransomware from spreading to more computers.
Everis is a major company in the field of IT services such as consulting and outsourcing. There’s currently no statement made regarding this attack on the official site or the Twitter page of the company.
Another victim of the attack is the national radio station of Spain – SER (Sociedad Española de Radiodifusión). Despite the attack, SER is still running according to a statement from the company.
Spain’s Department of Homeland Security has also issued a statement where it is said that such attacks are somewhat common and there is no reason for unnecessary panic. So far, there have been no reported data leaks and the data’s security hasn’t been compromised. The Department has further confirmed that the attack was indeed coming from a Ransomware virus. The most likely source of the infection seems to have been a malicious attachment included in a spam email that must have been opened on some of the computers in the networks of SER, Everis, and the rest of the attack’s victims.
In an attempt to prevent a similar attack on its network Aena, Spain’s biggest airport operator, has temporarily taken down its LAN and VPN services. Aena has confirmed that it hasn’t been hit by the wave of Ransomware attacks and that the unavailability of its networking services is just a temporary precautionary measure.
Our team’s advice for users in Spain and/or clients of Everis would be to avoid opening any suspicious email letters or any other form of online messages that look questionable. Such spam message attachments are among the topmost frequently used technique for distributing not only Ransomware but other kinds of harmful malware as well. Other common ways of spreading Ransomware are through the use of pirated programs, clickbait ads, and fake requests for software updates.