Two major Spanish companies were hit by ransomware on the same day. Everis, an IT consultancy firm owned by the NTT Data Group and Cadena SER, Spain’s largest radio network were impacted by the ransomware.
The companies have shut down their computers and disconnected their networks from the internet.
Everis was impacted the most by the incident as the company has more than 24,500 employees across 18 countries. The other branches of Everis were also affected because the ransomware is believed to have spread via the company’s internal network.
The Everis employees have posted in social media according to which the ransomware that hit the IT firm is a version of the BitPaymer ransomware that also hit French TV station M6 and German automation tools maker Pilz.
However, the ransomware strain that hit Cadena SER is not yet known publicly.
As Spain was one of the countries that were affected by WannaCry, the country’s government organizations reacted promptly.
Spain’s Department of National Security issued a security advisory within hours of the incidents which warns the companies to improve cyber-security measures and urging any other victims to reach out for help to INCIBE, Spain’s National Institute of Cyber-Security.
There is no sign of a ransomware outbreak similar to WannaCry, but the two ransomware infections had a major impact on the local Spanish business. Everis software is used by many local companies for daily activities. Some of them feared that they might as well be infected and decided to shut down operations to inspect systems.
There were some speculations that some other IT companies were also impacted as a result of which the Spanish financial consultancy firm KPMG and Accenture both had to issue statements on Twitter to reassure customers that they were not infected and are operating normally.