The public agency received collateral damage due to the attack on the SEPE. Reactivation of all services could take at least two or three weeks.

The data hijacking or ransomware attack that keeps the Spanish State Public Employment Service (SEPE) restricted is now affecting the Social Security Institute. Local media reports indicate that multiple procedures received a suspended status until further notice.

Workers of the institution assured, according to Voz Pópuli, that the system for processing new requests for pensions, maternity or paternity benefits, or obtaining certifications would not be operational. The “Your social security” service would also be under deactivation.

The Social Security Institute Platform is Connected to the SEPE to Make Inquiries

The institute admitted that they face difficulties; however, they did not offer more details about what is happening. The following message appeared on the agency’s website: «For technical reasons, some portal services will not be available. Sorry for the inconvenience”.

The situation arises because the Social Security Institute platform is connected to the SEPE to make inquiries. As the latter remains deactivated for security reasons, then in some cases, data could not go through corroboration.

An unidentified source said there are few problems and that they are not affecting benefits. “The offices are still open and bringing attention to the previous appointments. The telematic procedures continue to function normally in a general way”, indicated the informant.

The consequences of the cyberattack are under the eye of the authorities of the high government of Spain. From the Palacio de la Moncloa, this Wednesday, March 10, appeared a report that says that the attackers did not steal data and that the SEPE’s operating systems and records did not suffer any damage.

This Tuesday, March 9, CriptoNoticias reported the separation of information from the SEPE. However, it is unknown what the kidnappers’ demands are or if other institutions are compromised. Hackers usually ask for the release of payment data in cryptocurrencies such as bitcoin or Monero.

Cyberattack with Ryuk Ransomware: After 48 hours, the SEPE Platform Remains Paralyzed

Although it is not an official report, companies that specialize in computer security claim that the Ryuk ransomware caused the attack. Panda Security said that, after 48 hours, the SEPE platform remains paralyzed. A worker from the entity stated that they are using old forms to fill out by hand since they cannot use their desktop computers.

The most conservative estimates indicate that SEPE operations will continue to be under suspension for at least a week, affecting the Social Security Institute’s work. Other voices affirm that the difficulties will continue another two or three weeks before the spread of Ryuk.

Ransomware attacks are part of hackers’ plans who gain access to systems through phishing, for example, or other deception and social engineering techniques. Once inside, the hacker encrypts as much data as possible and then asks for a ransom for it.

By: Jenson Nuñez


Please enter your comment!
Please enter your name here