Ransomware, Content

Telecom SA Ransomware Attack: Hackers Demand $7.5 Million

Cybercriminals have launched a ransomware attack against Telecom S.A., Argentina's largest telecommunications services provider, according to Cryptonews. They have set a Tuesday deadline for payment; if Telecom S.A. does not submit a payment by Tuesday, hackers will raise the ransom to $15 million.

Tip Sheet:
Tip Sheet: How to stop a ransomware attack against your MSP business

Telecom S.A. is exploring solutions to the ransomware attack, Cryptonews noted. The company is asking its employees to temporarily avoid corporate network use and deactivate their computers and keep an eye out for suspicious files or emails from unknown recipients.

The Telecom S.A. ransomware attack likely occurred due to a malicious email attachment, Cryptonews stated. Furthermore, cybercriminals may have targeted Telecom S.A.'s Oracle Siebel customer relationship management (CRM) software during the attack.

In addition, hackers are demanding the Telecom S.A. ransom be paid in monero (XMR) cryptocurrency, Cryptonews reported. They also provided links to let Telecom S.A. know where it can buy XMR.

Orange Business Services Experiences Ransomware Attack

The Telecom S.A. cyberattack comes after Orange Business Services, a telecommunications service provider with a Top 200 MSSP business unit, experienced a ransomware attack earlier this month.

Nefilim hackers used ransomware to access data from Orange Pro/SME customers on July 4 and July 5, according to BleepingComputer. They also leaked a 339MB archive file that contained data that was allegedly stolen from Orange during the cyberattack.

Other recent ransomware attacks against MSPs, MSSPs and IT consulting firms include:

  • CognizantCybercriminals used Maze ransomware to attack the MSP and some of its customers.
  • xChanging: Cybercriminals used ransomware to attack certain systems at the DXC Technology subsidiary.
  • Collabera: Cybercriminals used Maze to obtain Collabera employees' names, addresses and other personal information and infect the company's systems.

The U.S. Secret Service recently warned IT service providers and consulting firms about cyberattacks. It indicated that threat actors are increasingly targeting point-of-sale (POS) systems and performing business email compromise (BEC) and ransomware attacks.

How MSPs Can Mitigate Ransomware Attack Risks: To safeguard your MSP business and clientele from ransomware attacks, follow this tip sheet.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.