Exploit: Ransomware
Telecom Argentina: Telecom and Internet Service Provider
Risk to Small Business: 2.870 = Severe
REvil gang attackers made a bold foray into Telecom Argentina last week, culminating in successfully gaining entry to an internal Domain Administration account, giving them free access to deploy their ransomware payload to more than 18,000 workstations. The company moved quickly to combat the incident, and alerted workers to the danger of potentially corporate network, not to connect to its internal VPN network, and not open emails containing archive files.
Individual Risk: No individual personal or financial data is reported as affected at this time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Administrator accounts are often compromised through whaling, a type of phishing – and an expressway for cybercriminals to race into the heart of a business. Combat that risk by putting extra protections in place like multifactor authentication that help keep administrator accounts safe.