Exploit: Ransomware
ADIF: Railway Operator and Authority
Risk to Small Business: 2.092 = Severe
REvil ransomware is at work again in an incident at Spanish national railway controller ADIF. As the Administrator of Railway Infrastructure, ADIF is a state-owned operation that manages rail traffic and infrastructure and collects fees from railway operators that has been in hot water before – this is the third recent incident. Two previously successful REvil ransomware campaigns enabled attackers to grab an estimated 800 GB of data including internal correspondence and accounting figures.
Individual Risk: No personal information or financial data was reported as compromised in this breach, although the attackers do claim to have sensitive corporate data that they will release if their demands are not satisfied.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: REvil ransomware has been involved in many recent incidents, and as ransomware continues to present a growing problem for cybersecurity professionals, companies have to take security awareness training seriously. This information was the 3rd incident for ADIF, and one is too many for many companies to survive. Most ransomware is delivered through email, and improved phishing resistance training helps users spot it.
Source:
https://portswigger.net/daily-swig/spanish-state-railway-company-adif-hit-by-revil-ransomware-attack