SECURITY ENTHUSIAST

A GSS ransomware attack affected the European call center provider as it made its IT systems freeze and database cripple.

What Services Were Impacted?

According to theRecord. publication, the impacted services were:

  • Vodafone Spain;
  • MasMovil ISP;
  • the company that manages water supply in Madrid;
  • private businesses;
  • television stations.

GSS sent a notification letter to its customers informing them on the topic and also on the taken measures.

Notification letter GSS ransomware attack

Image Source

Therefore, the impacted systems were taken down and now they are using Google-based systems. The company did not provide a date when the finalization of the recovery is expected.

None of the applications will be working until the incident is resolved.

Source

Conti Ransomware Behind the GSS Ransomware Attack

GSS is Covisian’s Spanish and Latin America division, counting among the biggest providers in call center services in Europe. A company’s spokesperson told the same publication mentioned above that the ones behind Conti ransomware conducted the attack on the 18th of September. Normally in Conti operations, data leakage is a common method. However, the spokesperson asserted the no data leakage happened and customers are not impacted.

The attack impacted only the GSS network, not the other services Covisian provides in other European states.

Conti ransomware is famous on the scene of recent ransomware attacks and it works as a private ransomware-as-a-service that basically means that affiliates perform ransomware attacks with existing ransomware tools and earn a percentage of the ransom. Some recent malicious operations include the exploitation of ProxyShell vulnerabilities early this month with the goal of compromising Microsoft Exchange Servers.

What Is Ransomware?

Ransomware stands for malware that encrypts files, then cybercriminals behind it ask for a ransom from the organizations in exchange for the decryption key. Now it has more sophisticated techniques engaging in data exfiltration first to allow for double extortion later, letting hackers eventually threaten with the release of the data too, not only blocking access to information by encryption.

Spain’s National Institute of Cyber-Security, INCIBE has not come with any comments on the matter.

Covisian also declared about the topic:

The cyberattack, from a data protection point of view, has not affected any of our clients to date. As a preventive measure against the cyberattack and in order to guarantee data protection, the services that could be affected were interrupted. From last Saturday to today, there is no evidence of leakage of any personal data. From GSS we hope to restore interrupted services as soon as possible, as long as their security is guaranteed.

Source

Ransomware Explained. What It Is and How It Works

Conti Ransomware Attacks on the Rise, FBI, CISA, and NSA Warn

Conti Ransomware Is Now Using ProxyShell Exploits to Compromise Exchange Servers

Conti Affiliate Leaks the Attack Playbook of the Ransomware Gang

Ransomware Payouts in Review. Highest Payments, Trends & Stats

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP