How hackers steal your data and ask for money to return it

The National Council for Scientific and Technical Research (Conicet) issued an internal statement with the warning about a ransomware that affected their systems, similar to the attack suffered by the Senate of the Nation in January of this year. It is a type of malicious program that encrypts information and asks for money to return it. In addition, this affected the systems, which are “with delays” according to the body itself.

This Wednesday, around 8 at night, they began to arrive notifications to scholarship holders, teachers and members of the organization. Through the Comprehensive System of Electronic Notifications (SINE), Conicet’s intranet, they warned: “Conicet communicates to its community that it has been affected by a global dispersion cyberattack. These types of attacks, called ransomware, were perpetrated in recent months against various public bodies, the Legislative Power, the Judiciary and companies in the country and different parts of the world.

“It is important to clarify that the system has not affected critical services. The different platforms for daily use, as well as the systems used by our scientific community, continue to be active and in operation”, they explained in the message from the body that depends on the Ministry of Science, Technology and Innovation.

Despite this, it is always recommended for users to change passwords: Ransomware attacks tend to leak internal data and, given the hermetic nature of the systems teams of those attacked, it is often difficult to measure the scope.

The Conicet clarified a sensitive point regarding the internal systems: “The processes of liquidation of salaries and scholarships could be carried out. The condition is focused on the local network of the Headquarters, and thus on certain servers and equipment (from the Palermo and Congreso offices)”, they clarified.

“We are working on the containment and mitigation of the attack, we have already managed to contain the new attack attempts associated with this first one, restore some of the information, isolate sensitive equipment and we continue to work as soon as possible to recover the normal operation of the entire network. Central Headquarters of the Council”, they closed. They also acknowledged “delays” in normal intranet procedures.

The information regarding which ransomware attacked the agency For now it remains airtight. On the pages of the main cybercriminal gangs, which are accessed through the dark web, there is still no information about it.

Clarion contacted Conicet to request more information about the attack but the institution decided not to comment beyond the internal communication that it spread on its platform, which is only accessible to its members.

The statement that was disseminated through the Conicet intranet. Photo SINE

Ransomware: what it is and how the program that attacked Conicet works

Ransomware is a type of program that encrypts third party information. Its name is an acronym for “data rescue program”: ransom in English means ransom, and ware is a shortening of the well-known word software (program).

While some simple ransomware can lock down the system in a simple way, the most advanced ransomware uses a technique called “cryptoviral” extortion, in which the victim’s files are encrypted, making them completely inaccessible.

Ransomware attacks are generally more targeted than malware: hackers target specific computer systems belonging to corporate businesses and this has to do with making them juicier victims to extort money.

Cybercriminals hijack information and ask for money in return. Photo Pexels Cybercriminals hijack information and ask for money in return. Photo Pexels

So far in 2022, several important Argentine companies have been victims of ransomware: Mercado Libre and Globant fell to glidingone of the most renowned groups of this year. Ledesma Sugar Millthe Latin American sugar empire, also saw its operations affected (by Lockbit).

Regarding state agencies, it is not the first time that this has happened in our country. Last year, an unauthorized access managed to extract data from the Renaper and sold it in a forum for buying and selling personal data. In 2020, the National Migration Directorate suffered a cyberattack that published thousands of personal data of Argentine citizens.

In this context and with the Conicet as a new victim, once again doubts are renewed regarding how protected personal information isof users, both in private companies and in public agencies.

By Editor

Leave a Reply