The government of Argentina has reportedly refused to pay a $4 million bitcoin ransom demanded by hackers who hijacked the country’s immigration systems, temporarily crippling cross-border movements.
On Aug. 27, the cybercriminals – now identified as a group calling itself Netwalker – hacked Argentina’s immigration agency, Dirección Nacional de Migraciones, in an attack that halted border crossing in and out of the Latin American country for up to four hours.
The thieves allegedly stole sensitive information and are demanding millions of dollars in bitcoin (BTC) before they can decrypt the files, according to a Sept. 6 report by Bleeping Computers. Initially, Netwalker wanted $2 million worth of bitcoin but later doubled the ransom to about 356 BTC (or $4 million at the time).
However, the Argentinian government is refusing to negotiate with the hackers and will not pay the demanded ransom. As reported by Infobae, a local publication, officials say that the cybercriminals “did not attack the critical infrastructure” of the immigration agency and did not steal anything sensitive, whether personal or corporate.
Authorities are adamant that they “will not negotiate with hackers and neither are they too concerned with getting that data back,” Infobae reported, quoting María Eugenia Lachalde, a lawyer who represents the agency. Lachalde detailed that the attack affected “the normal operation” that attends to the public, “both in administrative offices and in immigration control posts.”
In response, the government shut down the entire computer system of the immigration department to prevent the malware from spreading to other networks. The action resultantly stopped all border crossing throughout Argentina for four hours. When immigration officials first noticed the attack on Aug. 27, they made an SOS call to higher offices:
(The team) realized that it was not an ordinary situation, and evaluated the Central Data and Distributed Servers infrastructure, noting the activity of a virus that had affected the system’s MS Windows-based files (mainly Adad Sysvol and System Center DPM) and Microsoft Office files (Word, Excel, etc.) in users’ jobs and shared folders.
What do you think about the Argentina ransomware attack? Let us know in the comments section below.
Image Credits: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.