The Ministry of Labor has suffered two hacks in three months. After not being able to fully recover on their own, they have finally had to turn to private companies to try to solve the serious problem. The second attack , which occurred two weeks ago, has not been commented on by the ministry, but we are finally learning new details about it.
Ministry technicians are currently working with the CNI , but have finally had to resort to private companies to solve it as soon as possible, awarding the contract without advertising and by emergency means to Fujitsu Technology Solutions .
The Ministry of Labor is still affected by the hack
The two attacks, the first against the SEPE in March and the second against the ministry in June, have shown that the necessary protection tools were not available, in addition to the fact that there are no technical means to solve the failure immediately. In the first attack, the ministry had to turn to Telefónica , and in this they have had to turn to Fujitsu, with a contract valued at 145,893.33 euros.
The contract specifies that they seek technical assistance to “give the quickest possible response to security incidents in order to solve the attack suffered by the Department.” The Ministry has not published any more message in this regard since last June 9 they announced that they had suffered the attack.
The malware that has affected the ministry on both occasions has been the Ryuk ransomware, which is introduced taking advantage of some unpatched vulnerability, and where normally the entry vector is a worker who clicks on a link that comes to him by email. In the case of SEPE , there was a collapse in the processing of benefits. The Ministry of Labor has denied on all occasions that data has been stolen or that a ransom has been requested for it, which is probably a lie because this ransomware works like this, leaving a final file in which instructions are given to receive the payment in a bitcoin wallet.
Fax and telegram for emergency communications
The award of the contract to Fujitsu is not surprising, since in the last five years it has signed 243 contracts valued at 1,127 million euros , in addition to being in charge of the maintenance of computer systems and equipment at SEPE and the maintenance of software for copies of security of other ministries and state agencies.
Yesterday, David Maeztu published a screenshot showing that any procedure that needed to be done urgently would have to be dealt with by email , fax or telegram , giving an account of the extent to which the ministry is affected. for not being properly protected against ransomware .