Some weeks ago, a hospital placed in a little region of Spain was victim of a cyber security incident that disabled part of its infrastructure. According to specialists in reversing engineering, this was the first cyberattack affecting a Spanish hospital, at least until now.
Similar reports have been appearing during these days, triggering the alarms between all the authorities. Finally, the attached director of the National Police revealed the discovery of NetWalker, a new type of ransomware capable of disabling completely all the It infrastructure of thousands of Spanish hospitals.
The authorities launched this alert a few hours ago, recommending the staff that work on these institutions to be careful with any possible email or malicious website, because is a matter of seconds for the malware to infiltrate in an affected system, said the experts of reverse engineering .
A security report from the bran Kaspersky says that this is a new version of a ransomware variant known as Kokoclock, besides the malware Mailto. As the report says, the threatening actors use a simple social engineering campaign to make their victims to interact with some link, attached file or malicious website.
By the other hand, the Spanish authorities, together with reverse engineering instructors, said that the main attacking vector in this country is the sending of emails with malicious attached files, pointing that the major part of antivirus tools can’t identify the threat until it is too late.
Besides, this threat has gone further the borders of the European country. Various health institutions of Illinois have reported infections of Netwalker, which difficult the combat labor to the coronavirus/COVID-19.
After completing the infection of the SO, the malware shows a note of ransom ordering a payment for an amount still not revealed. According to the International Institute of Cyber Security (IICS), it is not recommended to negotiate a payment to the hackers, because there is no guarantee of the hackers to do their part, so the information could be lost forever.
Besides, due to heir low cost and low difficulty, the infection campaigns of ransomware are still being one of the main risks in cyber security for users in general, so it is recommended to make preventions, like the addition of email filters and backup files.