07/19/2020 - 14:52
- Clarín.com
- Technology
Similar to what happened this week with high-profile account hacks in the United States, Telecom suffered a ransomware attack this Saturday that affected customer service systems. From Russia, they asked for a sum that would be between 7.5 and 25 million dollars, but they did not succeed: the attack is already contained.
The attack was specifically to the internal sector : no user of Telecom, Personal or Fibertel was affected.
Although a screenshot with the purported rescue was circulated, from Telecom they assured Clarín that this image was "static": that is, it did not allow interaction, but was "embedded" in one of the links that hackers spread in the system internal.
The screenshot that circulated with the intended rescue.
During Thursday, employees from various sectors of the company such as Fibertel and Fibercorp began to detect irregularities. "We shut down all internal systems, we ask that they do not use the internal private network (VPN) and we follow the common protocol in these cases, " they explained to Clarín.
“We are gradually building the teams. At 6 in the afternoon we will have a clearer picture, "they added.
The amount they asked for is not clear, and while from the company they explained that this screenshot was not faithful to what the extortion was asking for, at the moment it is not known how much money they demanded . It is known that the attack came from Russia.
"What circulated in networks was collective delirium. The screenshot is a link that led there, not a place to interact. We are seeing how far the infection went ”, explained from the Telecom Security department, Gerardo Maurer.
"We are seeing how far the infection went," they said from the company.
What was clear from the first moment is that customers were not affected : although the malicious code spread with speed, it affected only the computers of the teams that provide customer service remotely. For this, a special software mediated by a VPN is used, something usual to preserve the security of the connection outside the office.
What is ransomware and how it works
Ransomware is a type of program that, installed on our devices, allows a computer attacker to access our information . From this, there are usually two extortion dynamics: either threatening to publish compromising private information (the most common cases, intimate photos or videos), or not returning the credentials and thus losing access to our accounts.
The attack on Telecom occurs in a context of growing computer attacks, mainly due to the situation of confinement due to the coronavirus. Hackers, or "hackers" - many of them from Russia - are increasing ransomware attacks . And, in fact, since the pandemic began, emails to private users multiplied, demanding money in exchange for a stolen password.
Of course, there are some more coveted targets at stake: top American companies, public figures, and other high-exposure profiles. In general, they threaten to paralyze their networks if they do not meet their demands for millions of dollars.
Or, as was the case with high-profile accounts in the United States this week, misleading users through messages saying that if they deposit an amount of bitcoins, they will receive double or triple.
Last Thursday, millionaire entrepreneurs Elon Musk, Jeff Bezos and Bill Gates suffered the hacking of their Twitter accounts, which were used to mount a financial scam in Bitcoins on Wednesday afternoon.
The hackers claimed that they would return duplicates the amounts that were transferred to an address of the Bitcoin cryptocurrency. Something that, of course, was not.
Last Thursday, millionaire entrepreneurs Elon Musk, Jeff Bezos and Bill Gates suffered the hacking of their accounts.
"Everyone is asking me to give back, and now is the time. I duplicate all payments sent to my Bitcoin address during the next 30 minutes. You send me $ 1,000, I give you $ 2,000 back," said the message.
This week it became known that those who collaborated with the attack were employed from within Twitter .
