Home Real-life Cyberattacks Cases
The City Council of Seville, Spain, recently had to revert to paper records and in-person procedures after its computer systems were hijacked by a group of cybercriminals. The attack was carried out using LockBit, a ransomware program identified in 2019 and also known as ABCD. This tool is a subclass of encryption viruses that demand a ransom in exchange for file decryption and primarily targets businesses and official institutions, rather than individuals.
The hackers demanded over one million euros from the municipal government, but the municipality refused to negotiate with the cybercriminals. This marks the second successful attack on the municipal website in three years. Emergency services, such as local police and firefighters, were forced to resort to paper documents for recording and organizing actions. Two years ago, the City Council of Seville fell victim to another attack through what is known as CEO fraud, where hackers impersonated the identity of the company awarded the contract for the Christmas lights.
Full story here.
Ransomware attacks are an increasingly common threat to organizations. In this case, it was the second cyberattack carried out against the City Council of Seville, and despite the LockBit tool being developed in 2019, this type of attack remains prevalent and current.
As cybersecurity becomes an emerging issue and a growing concern, organizations and institutions need to be aware of the most effective prevention measures to avoid such situations.
Regular Backups and Offline Storage
To prevent a ransomware attack, it is crucial to regularly back up important data and store it offline. This allows for data recovery without the need to pay a ransom in the event of a ransomware attack.
Antivirus and Anti-Ransomware Protection
In the case of a ransomware attack, a good preventive practice may involve using security solutions that offer effective antivirus and anti-ransomware protection, including the detection of malicious behaviors.
Awareness and Training
Raising awareness and training employees about ransomware threats is a crucial measure to consider when facing a ransomware attack. Regularly informing employees and companies is essential for recognizing and avoiding phishing emails, malicious links, and suspicious attachments.
Access Control
Implementing access control principles ensures that users have only the necessary permissions to perform their functions. In the case of a ransomware attack, this measure can reduce the likelihood of the ransomware spreading.
Network Monitoring and User Behavior
The implementation of monitoring solutions can identify suspicious behavior patterns. This measure can prevent a ransomware attack, as these solutions can identify potential ransomware activities.
For more information about ransomware: https://www.integrity.pt/assessment-malware-ransomware.html.