Telefonica, other Spanish firms hit in “ransomware” attack
Spain said on Friday a large number of companies, including telecommunications giant Telefonica (MC:TEF), had been infected with malicious software known as “ransomware” which locks up computers and demands ransoms.
The hacking was carried out as hospitals and doctors’ surgeries in England were forced to turn away patients and cancel appointments on Friday after a ransomware attack crippled some computer systems in the state-run health service.
Portugal Telecom was also hit by a cyber attack but no services were impacted, a spokeswoman for the company said.
In Spain, the attacks did not disrupt the provision of services or network operations, the government said in a statement. Telefonica said the impact of the attack was limited to some computers on an internal network and had not affected clients or services.
Security teams at large financial services firms and businesses were reviewing plans for defending against ransomware attacks, according to executives with private cyber security firms.
Although cyber extortion cases have been rising for several years, they have to date targeted small- and mid-sized organizations, disrupting services provided by hospitals, police departments, public transport systems and utilities in the United States and Europe.
“Seeing a large telco like Telefonica get hit is going to get everybody worried. Now ransomware is affecting larger companies with more sophisticated security operations,” Chris Wysopal, chief technology officer with cyber security firm Veracode, said.
This was also likely to embolden cyber extortionists when selecting targets, Chris Camacho, chief strategy officer with cyber intelligence firm Flashpoint, said.
“Now that the cyber criminals know they can hit the big guys, they will start to target big corporations. And some of them may not be well prepared for such attacks,” Camacho said.
In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from the National Cryptology Centre of “a massive ransomware attack.” It said hackers used a version of a virus known as WannaCry that targets Microsoft Corp’s (O:MSFT) widely used Windows operating system.