Argentine government officials They refuse to negotiate with a ransomware group that forced them to temporarily close all immigration checkpoints on August 27th.
According to a report from September 6th in Bleeping computer, A group of hackers operating the Netwalker ransomware broke into the system of the Argentine immigration authority Dirección Nacional de Migraciones on August 27 and initially demanded a payment of USD 2 million to restore their servers.
“Your files are encrypted”, He said the ransom note on a gate checkout page that was sent to immigration. “The only way to decrypt your files is to buy the decryption program.”
The group then released a select batch of sensitive agency data to prove they were responsible for the incident. After a week the perpetrators They raised the ransom to a payment of 355.8718 Bitcoin (BTC), which was roughly $ 4 million by then.
The Argentine News Agency, Infobae, reports that the attack effectively stopped all border crossings in and out of the country for four hours. During the closure authorities They cut off all computer networks used by immigration officials at regional offices and checkpoints. Government officials allegedly said so “They will not negotiate with hackers” and will not deal with the recovery of stolen data.
Although hackers who implement ransomware are not bound by borders, This situation in Argentina is a rare example of a cyber attack affecting a national government agency.
Talk to Cointelegraph Brett Callow, Threat Analyst and Ransomware Expert from Malware Lab Emsisoft, said These attacks had the potential to be disruptive and leak extremely sensitive data to the general public.
“This is particularly problematic for government departments, as data is often very sensitive and in some cases even poses a risk to national security.” Said Callow. “More than one in ten ransomware attacks are now linked to data theft, and the list of groups who routinely steal is growing. As a result, such incidents are likely to become more common.”