The Spanish public employment service, SEPE, has been the victim of a cyber attack. All systems are out indefinitely. It is the most serious type of ransomware attack but minister says “data and benefits not at risk.”
On Tuesday, March 9, a cyber attack shut down the website and all public service systems responsible for paying unemployment and ERTE benefits. Ministry of Employment sources reported Tuesday that the attack hit all 710 SEPE offices.
Ransom for cancelling a cyber attack averages over $111,000
The cyber attack on the public service is being investigated by the national cryptological center. This is a ransomware attack, called Ruyk, in which attempts have been made to block the entire system and cause reputation damage.
The goal of ransomware attacks is to block a system and then demand a ransom to remove the block. That has not happened yet. On Wednesday, the Spanish news site Voz Populí writes the type of ransomware attack that SEPE is dealing with falls into one of the heavier categories and that organisations behind these types of attacks demand an average of $111,605 in ransom. In many cases, they request the ransom in the form of crypto coins, such as bitcoins.
SEPE dealing with severe ransomware attack
Often, the source of a ransomware attack is an inattentive employee who opens a document or attachment containing the virus. This Ruyk-type cyber attack is one of the infamous ransomware attacks of recent years. Since the first attack in 2018, there has been an impressive list of victims. Several large companies in Spain, Germany, China and India suffered significant financial losses as a result, also putting millions of computers, users and data at risk.
Data and benefits SEPE not at risk
Since Tuesday, the SEPE website is inaccessible by both employees and users. The Spanish newspaper El Público writes on Wednesday that SEPE hopes everything will work again next week; but they cannot confirm. The Spanish Ministry of Employment said there is no data theft, and that benefits and other subsidies are not at risk.