According to a September 6 report published by Bleeping Computer, Argentina's National Migration Department had to suspend border crossing for four hours after being paralyzed by a ransomware attack that occurred on August 27:
"The Comprehensive Migration Capture System (SICaM) that operates in international crossings was particularly affected, which caused delays in entering and leaving the national territory."
A $ 4 million Bitcoin ransom
The hackers were able to access the database and steal information from the federal agency with the help of a powerful cryptovirus called Netwalker.
This variety of ransomware, which was first discovered in September 2019, uses sophisticated techniques to encrypt files with AES encryption.
In order not to allow the ransomware to replicate on other computer networks, they had to be shut down.
The hackers initially demanded $ 2 million in Bitcoin to unlock files, according to the dark web checkout page linked in their ransomware note. In one week, this sum increased to 355 BTC (about $ 4 million at the current exchange rate).
The extortion attempt is not going well so far as the immigration agency refuses to negotiate with the attackers. They assert that no confidential personal or corporate information has been compromised, and that they are not concerned with decrypting the stolen data.
More high-profile attacks
In July, Telecom Argentina, the country's largest telecommunications company, also became a victim ransomware, and the hackers requested $ 7.5 million in privacy-focused cryptocurrency Monero (XMR).
The attack lasted more than three days, but Telecom Argentina was able to restore access to the infected computers without having to fork out the hefty ransom.
As recently reported, CWT, America's fifth-largest travel company, agreed to pay $ 4.5 million in BTC to extortionists in late July.