Spanish multinational cash and private security logistics company Prosegur said Wednesday it had shut down its IT network to mitigate a Ryuk ransomware attack. The company's website was offline Wednesday afternoon, but updated via a post on Twitter that it had experienced a "hacking incident on its telecommunications platforms".
A few hours later Prosegur confirmed that it had taken "maximum security measures" to prevent the spread of Ryuk ransomware internally and externally.
"Prosegur reports that the incident found today corresponds to a general attack caused by the Ryuk ransomware. The company has taken maximum security measures to prevent both internal and external spread of the virus, ”he said.
According to UK security investigator Kevin Beaumont, the first reports of the hacking attack came around 5 p.m. The world computer network Prosegur was reportedly shut down and his employees sent home. However, the company did not confirm this.
Prosegur is one of the world's largest suppliers of armored vehicles for cash transfers between banks and ATMs, retailers and restaurants. The company has 170.000 employees and is active in Europe, the USA, The Latin America and Asia and the Pacific.
The company operates a fleet of 10.000 security vehicles and manages 100.000 ATMs worldwide. Alarm "alert" operates in nine countries and supports more than 550.000 alarms.
Ryuk ransomware has been associated with ransom demands of millions dollars addressed to US state and local governments. This month alone, Ryuk infected 400 veterinary hospitals operated by National Veterinary Associates based in California and a Wisconsin-based virtual care provider that provides IT services to 110 hospitals in the US, according to Krebsonsecurity.com.
While much of Prosegur's website has been restored, the site of half remains unavailable.Beaumont noted this morning that the day after the attack, customers reported on Twitter that the alarms were not working.