Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, has commented: “It is particularly alarming to eye attackers successfully targeting IT consultancy firms. Those who are supposed to protect us from ransomware and prevent it fall victims to it, emphasizing catastrophic unpreparedness even amid technology consultants.”
Both firms told employees to shut down their computers and disconnect from the internet after the attack, which hit in the early hours of yesterday morning (November 4th).
Output from Spain’s largest radio network was not affected by the attack, but the virus did affect the station’s computers.
“We have been recommended not to work on our computers in a network environment,” a source at the station told Reuters.
Other big Spanish firms, such as airport operator Aena and KPMG Spain, said on Twitter that they had not been affected.
This is not the end
“We may expect a further spike of targeted attacks against IT consultants that frequently disregard the fundamentals of cybersecurity to cut their internal costs on a highly-competitive and turbulent market. Worse, those companies commonly have privileged access to a myriad of their customers’ networks without any control or due monitoring. Therefore, cybercriminals will soon start aggrandizing their attack scope to infect all their customers first and then disarm and paralyze the IT consultancies,” Kolochenko added.
Prevention and protection
As a piece of advice, the CEO suggests: “Visibility of your digital assets is crucial in a modern threat landscape. You cannot protect what you don’t see or don’t know. Large organizations shall likewise consider enhancing their third-party risk management to ensure that their suppliers won’t serve a Trojan horse.”