Ransomware gang demands €10 million after attacking Spanish council

Siva Ramakrishnan
The mayor of Calvià, a municipality on the Spanish island of Majorca, has said the city council will not be paying an approximately €10 million extortion fee demanded by criminals following a ransomware attack.

The mayor of Calvià, a municipality on the Spanish island of Majorca, has said the city council will not be paying an approximately €10 million extortion fee demanded by criminals following a ransomware attack.

Calvià, a region on the southwestern part of the resort island, has around 50,000 residents who have been informed that the council is working to “recover normality as soon as possible.”

In a statement on the council’s website, it confirmed that a crisis cabinet had been formed to evaluate the scope of the cyberattack, which was discovered on Saturday morning.

“The IT Service, accompanied by a team of specialists, is working on the mandatory forensic analyses, as well as on the recovery processes of our affected services,” the statement said.

Mayor Juan Antonio Amengual has said he will not consider paying the extortion fee, as reported by the Majorca Daily Bulletin. He also released a video statement on social media.

Spain was among the Counter Ransomware Initiative signatories that last year pledged “relevant institutions under the authority of our national government should not pay ransomware extortion demands.”

As a result of the attack on Calvià, the council has had to temporarily suspend all administrative deadlines — for instance the submission of civil claims and requests — until the end of January.

The city council said it had contacted the cybercrime department of the Civil Guard and shared its preliminary forensic analysis.

“The city council deeply regrets the inconvenience that this situation may cause and reiterates its firm commitment to resolve the current situation in the most orderly, rapid and effective manner possible,” the website said.

CybercrimeGovernmentBriefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.

 

Total
0
Shares
Previous Post

UK privacy watchdog to examine practice of web scraping to get training data for AI

Next Post

How a ‘crypto drainer’ tricked people into handing over $80 million in assets worldwide

Related Posts

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware

An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. "Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick Assist, and OneDrive — the attacker exploited the trusted infrastructures of previously compromised organizations to
Avatar
Read More

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users

Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025," Mayank Upadhyay, vice president of engineering and distinguished engineer at
Avatar
Read More