UPDATED 19:41 EST / AUGUST 16 2022

Argentina judiciary targeted by new ‘Play’ ransomware group

Argentina’s Judiciary of Córdoba has been forced to suspend its information technology services after being targeted in a ransomware attack.

The attack is reported to have taken place on Aug. 13 and involves a fairly new ransomware group going by the name of “Play.” Bleeping Computer reported Monday that as a result of the attack, judiciary employees have been forced to resort to using pen and paper to create and process official documents.

The judiciary has confirmed the attack, describing it as the “worst attack on public institutions in history.” The organization said that it had engaged local specialists as well as Microsoft Corp., Cisco Systems Inc. and Trend Micro Inc. to assist in recovering its systems.

Play ransomware first appeared in June and gets its name from the methodology of its attacks. The group encrypts files and adds a .play extension to them. Interestingly, those behind the attack do not provide a typical ransomware demand or note, instead leaving a message to victims that simply says “PLAY” and includes an email address to contact the attackers.

Once a victim contacts Play, the ransom demands are made. PCRisk noted earlier this month that Play victims often do not receive the necessary tools to decrypt their data despite meeting demands.

“Although details are still emerging about how ‘Play’ breached the agency’s network, there is no indication that any data was stolen in the attacks,” Josh Rickard, senior security automation architect at low-code security automation company Swimlane Inc., told SiliconANGLE.

“Local government organizations’ abundance of sensitive information and often-limited cybersecurity resources have made them a relatively easy target for ransomware gangs,” Rickard explained. “These groups leverage this information to their benefit, which unfortunately means local citizens are the victims.”

Although the attack vector has not been disclosed, Jelle Wieringa, security awareness advocate at security awareness training company KnowBe4 Inc., believes that the attackers likely obtained access to the judiciary network through a phishing attack based on email addresses obtained through the Globant data leak in March.

“The Judiciary has had plenty of time to take appropriate measures to train their users and increase their security posture to maximize the chances of mitigating an attack,” Wieringa noted. “Even though ransomware attacks seem to be commonplace nowadays, we should not underestimate the risk and likelihood of falling victim to one. And we should take appropriate measures to minimize the risks involved.”

Photo: Carlos Zito/Wikimedia Commons
