We live in a world where cyberattacks have a growing impact on everyday life. It’s no longer just about data leaks capable of compromising privacy or fueling new waves of cyber scams. Nor only from rescheduled flights because the systems of an airport or an airline they have been committed. Cybersecurity incidents can also, indirectly, delay something as basic as collecting a payroll. This is what the employees of a Spanish agricultural company would have recently experienced.
The cyber attack. Levante-EMV points out that Agriconsathe Valencian company responsible for the juices and preserves of the same name, suffered a computer intrusion at the beginning of last week. Official details are scarce, but the incident would have altered the company’s normal operations for several days. Subsequently, activity would have been restored normally, which suggests a relatively quick response capacity on the part of the actors involved, including an external company whose specific role has not been specified.
Delay in payrolls. Agriconsa workers found themselves in an unusual situation this February. Instead of receiving their payslips on the scheduled date, the payment arrived late. Sources consulted by the aforementioned newspaper assure that the cyberattack caused a “total blockage of the computers.” As a direct consequence, essential processes such as order management, sending invoices or paying payrolls were temporarily affected.
What they say from the company. Levante-EMV collects statements from José Juan Felici, director of the company in Algemesí. According to the manager, “the external company” that collaborates with them reacted quickly and allowed normality to be recovered progressively. Felici acknowledges that it took them “a couple of days to recover,” but maintains that the problem is now completely resolved, while regretting the inconvenience derived from the cybersecurity incident.
One of the most revealing elements of his words is that the external company in charge of the systems carries out updates and implements improvements. Even so, the company ended up suffering from the attack. This highlights that even organizations that invest in protection can become victims of malicious actors whose primary motivation is often to obtain illicit financial gain.
Ransomware attack? In an incident of these characteristics, one of the first hypotheses usually points to the participation of a ransomware group. This is what the sources consulted by Levante-EMV suggest, who maintain that the release of the systems depended on the payment of a ransom. Felici, however, denied to that medium that he had received any financial demand to restore the equipment, although he did confirm the existence of the computer incident.
Companies, in the spotlight. Companies continue to be one of the priority targets of cybercriminalslargely due to the possibility of obtaining a payment in exchange for unlocking previously encrypted systems. In some cases, preventive measures are insufficient and even backups may be compromised. In others, restoration is possible without having to give in to the attackers’ demands, which shows the diversity of scenarios that can occur after an attack of this type.
From Xataka we have contacted Agriconsa to obtain more information about what happened and we will update this article as soon as we receive a response.
Images | Google Maps | freepik
In Xataka | How to know if your passwords have been leaked on the Internet
GIPHY App Key not set. Please check settings