Blogs and advice from Industry leading Specialists
Valuable Opinions, Comments & Gossip
Financial related News & Articles relating to Spain
Latest News, Stories
& Hot Topics
Various Tools & Widgets to help with your financial needs
Tools & Widgets to
help with finances
Polls, Surveys and Opinions featured throughout Tumbit
Featured Polls, Surveys & Stats
Discussions, Advice & Topical Chat
Discussions, Advice & Topical Chat

How the WannaCry ransomware attack affected businesses in Spain

Source: El Pais - Fri 19th May 2017
How the WannaCry ransomware attack affected businesses in Spain

Spain was one of the first countries known to have been affected by the recent WannaCry cyberattack that froze up computers across the planet and asked for money in return for unlocking user files.

This was due to the transparency of Telefónica, the Spanish telecoms giant, which confirmed the computer attack on Friday morning. Soon after that, news emerged that the WannaCry ransomware attack had crippled several hospitals in Britain’s public health system, infected computers at the shipping company FedEx and created trouble at Nissan and Renault car assembly plants.

China and Russia in particular were severely affected due to their heavy reliance on pirated software that is not subject to Microsoft’s periodic security updates, experts note. In Spain, the National Cybersecurity Institute (Incibe) confirmed on Monday that 1,200 computers were affected by two variants of WannaCry. Experts consulted by EL PAÍS describe this figure as “very low,” considering the impact detected at Spanish companies.

“I understand that Incibe does not give out figures that are based on estimates, but it makes no sense to talk about such a low infection rate when you have huge companies like Telefónica that were affected,” says Vicente Díaz, an analyst and security researcher at Kaspersky Lab, a multinational cybersecurity company.

“The impact was tremendous, because this cyber attack was designed to spread across companies. The bigger [the company], the worse [the impact],” said Sergio de los Santos, who is Innovation and Labs Leader at ElevenPaths, Telefónica’s cybersecurity unit.

Telefónica acknowledged last Friday that it had been affected by the cyberattack.

“I think that a lot more [companies] were affected, but are keeping quiet about it,” he adds. “There is a lack of transparency, and I don’t think that’s the right way to go. The cyber attack happened on a global scale and it could have affected anybody. The fact that we were open about it helped in some way to contain it and to initiate an early investigation into what happened.”

De los Santos, who is personally involved in the Telefónica investigation, told EL PAÍS that the company is “100% operative and everything is back to normal,” even as “the investigation continues in partnership with the National Cryptology Center and Microsoft.”

Hospitals in trouble

One source who has insider information about several Spanish companies that were affected by the attack said, on condition of anonymity, that “one major hospital group is having a rough time right now. Everything has gone to hell.”

Most public hospitals in Spain have taken preventive measures. Health workers at the Salamanca Clinical Hospital and the Cruces University Hospital told this newspaper that several services on their internal network were affected by the cyber attack, but that patient treatment was in no way compromised. All the health centers consulted by this newspaper said their computers are running on the Windows 7 operating system, which still gets updates from Microsoft.

Unsolved mystery

The biggest mysteries – namely, how the first infections occurred, and why they all started on the same day in different parts of the world even though they spread through local networks– remain unsolved, notes this expert.

De los Santos also underscored that companies have trouble keeping up with software updates: “A month is an unmanageable time frame for many organizations. Big companies often have to test patches first to make sure that the products and services they offer will not be affected. Often there is no time for patches. You are always running a risk, and normally nothing serious ever happens – until it happens.”

This expert foresees that some companies will now take some proactive action on cybersecurity issues, but that once the ransomware attack becomes old news, “we will forget all about it, as usual. It happened in 2003, in 2008, and it will happen again.”

Vicente Díaz, of Kaspersky, concurs. “We never learn.”

Recommended Reading :

* Spanish companies hit by Ransomware cyber attack

* Anonymous-linked 'hacktivists' leak details of over 5,000 Spanish cops online