Another ransomware attack has been successful. This time it hit the computer systems of Pemex, a Mexican group active in the oil industry. According to information collected by employees and employees of the company, the transaction caused the activity to be put on standby from an administrative point of view.
Ransomware attack on the Mexican Pemex
The tool used to put the company in check is Ryuk, of which we have already written on these pages in the past. A specially packaged software to target companies with a significant volume of business (between 500 million and billion dollars per year) in order to demand payment of a ransom within a certain amount of time.
This is the statement attributed to a spokesman for the group.
We are implementing nationwide measures to combat the Ryuk ransomware that has hit Pemex’s servers in different parts of the country.
It’s yet another blow to a company already struggling with debts and declines in production rates. The attack affected less than 5% of the computers in use. As written at the opening, administrative hitches are occurring, while the other activities proceed without change, at least according to the official position.
Ryuk’s modus operandi is well known: it blocks access to documents until the ransom is paid. As a precaution, Pemex has ordered its employees across Mexico not to turn on computers to prevent the infection from spreading further as well as immediately backing up data on hard drives.
This comment collected by an employee, for obvious reasons remained anonymous.
The servers have crashed. People are not working.