With the on-going data breaches, the wave of compromised data is on the rise. The main motive of cybercriminals or ransomware operators behind these breaches is to acquire a large sum of money from their victims. Keeping a track of these data breaches, recently our research team came across a leak of Administrador de Infraestructuras Ferroviarias (ADIF).
Founded on 1 January 2005, ADIF is a Spanish state-owned railway infrastructure manager under the responsibility of the Ministry of Development, charged with the management of most of Spain’s railway infrastructure, that is the track, signalling and stations. With over 13,000 employees the company has been earning a revenue of around $8 Billion.
As per now, the ransomware operators have posted a sample of sensitive data files of the company being downloaded by them. As per the Cyble Research Team, this small data leak from the large lot seems to be a warning for the company to accept the terms of the ransomware operators. Unfortunately, if ADIF fails to contact REvil and refuses to accept their terms, then REvil seems to attack the company the third time and publish their confidential data on the public domain. Along with it, REvil allegedly claims to have access to 800 gigabytes of the company’s data.
As per Cyble Research Team, the operators may have downloaded, what seems to be the company’s confidential data such as ADIF’s high-speed hiring committee contracts, property records, field works reports, project action plans, documents about customers, and much more.
Below are the snapshots of the sample data leak documents been posted by REvil ransomware operators.
Tips on how to prevent ransomware attacks –
- Never click on unverified/unidentified links
- Do not open untrusted email attachments
- Only download from sites you trust
- Never use unfamiliar USBs
- Use security software and keep it updated
- Backup your data periodically
- Isolate the infected system from the network
- Use mail server content scanning and filtering
It is recommended to follow the above-mentioned prevention methods and never pay the ransom.
Cyble is an Atlanta, US-based, global premium cyber-security firm with tools and capabilities to provide near real-time cyber threat intelligence.
Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.
This monitoring and notification platform gives the average consumer insights into their personal cybersecurity issues, allowing them to take action then as needed. It has recently earned accolades from Forbes as being the top 20 cyber-security companies to watch in 2020.