Over the weekend, the REvil (Sodinokibi) ransomware group targeted Telecom Argentina, one of the country’s largest internet service providers. The group is now demanding $7.5 million in ransom, and that sum will supposedly double after three days. The incident did not cause any damage to the ISP’s customers, but the company’s official websites have been down since Saturday and 18,000 computers have been infected after the hackers gained control of an internal domain admin.

EXPERTS COMMENTS
Ilia Kolochenko, CEO,  ImmuniWeb
July 21, 2020
US Secret Service has already raised an alert saying that MSP and organizations like ISP are now increasingly targeted by cybercriminals.
The unusually high amount of the demanded ransom may indicate that the attackers got full access to the Crown Jewels of the allegedly breached ISP. The US Secret Service has already raised an alert earlier this year saying that MSP and organizations like ISP are now increasingly targeted by cybercriminals. Given the amount of confidential clients’ data they handle, or critical business services ....
[Read More >>]
Mark Bagley, VP of Product,  AttackIQ
July 21, 2020
Companies must design their security programs to minimize the impact when an adversary successfully infiltrates their network.
This is likely to be one of the more expensive ransomware attacks this year. A security program that included network segmentation, preventing the lateral movement of an adversary would have been decisive in mitigating this situation. Legacy approaches that focus on stopping an adversary at their initial attempts to access targets of interest will continue to fail. Companies must design their sec ....
[Read More >>]

