You are here

Ransomware cyber attack hits Telefonica, other Spanish firms

[MADRID] Spain's government warned on Friday that a large number of companies had been attacked by cyber criminals who infected computers with malicious software known as "ransomware" that locks up computers and demands ransoms to restore access.

The victims included Telefonica, the nation's biggest telecommunications firm, while other Spanish firms such as power company Iberdrola and utility Gas Natural took preventive measures.

"There has been an alert relating to a massive ransomware attack on various organisations, which is affecting their Windows systems," Spain's National Cryptology Centre said in a statement.

The ransomware is a version of the WannaCry virus, which encrypts sensitive user data, the National Cryptology Centre said.

Market voices on:

Spain is the latest nation to warn of a global surge in ransomware. Hacks have disrupted services provided by hospitals, police departments, public transportation systems and utilities in the United States and Europe.

In Britain on Friday, hospitals were hit by large-scale cyber attacks, the Guardian newspaper reported.

It was not immediately clear how many Spanish organisations had been compromised by the attacks, if any critical services had been interrupted or whether victims had paid cyber criminals to regain access to their networks.

Telefonica said in a statement it had detected a "cybersecurity incident" that was limited to some of its employees' computers on its internal network and it had not affected its clients or services.

The cyber attack involved a window appearing on employees' computer screens that demanded payment with the virtual currency bitcoin in order to gain access to files, a Telefonica spokesman said.

"News (of this attack) has been exaggerated and our colleagues are working on it right now," Telefonica chief data officer Chema Alonso, a well-known cyber security expert, said on Twitter.

Iberdrola and Gas Natural, along with Vodafone's unit in Spain, asked staff to turn off computers or cut off internet access in case they had been compromised, representatives from the firms said.

The cyber attack had not affected the provision of the companies' services or the operation of their networks and the national cybersecurity institute was working to resolve it as soon as possible, the Spanish government said in a statement.