Using "fax or telegram" is the solution to contact some services of the Ministry of Labor still affected after the cyberattack




On June 9, the Ministry of Labor made public that its computer system had suffered a cyberattack. The attack —as we learned hours later— was carried out using Ryuk ransomware, an old acquaintance of that ministry ...



... well only three months before, the State Public Employment Service (SEPE) was affected for several weeks by another similar attack, a fact that caused delays in the collection of benefits to thousands of unemployed.



When, at last, the March problem was fully fixed, we were told that the ministry had begun to take steps to reinforce their security. Insufficient measures, judging by the fact that it has now been seen affected again by the same type of malware.



After this second attack, many services were disabled, because the ministry staff could not use its administrative applications or connect to external networks. The officials had to start working from home or from secure networks set up for this purpose.







This is Ryuk, the ransomware that has knocked out SEPE (and that knocked out many others before)









According to sources from the Administration cited by El Mundo, "someone had to click on a link that should not have been and has allowed the computer intruder to access"




No, the Ministry of Labor has not yet recovered



Five days later (on June 14), the Ministry claimed that no group of cybercriminals had asked for ransom, that there had been no data robot, and that the ministry's systems were recovering "little by little" and that it already controlled "almost all" its equipment.



However, on June 17, the newspaper El Economista cited internal ministry sources who affirmed that the committee in charge of planning the reform of the labor law it had not been possible to meet at the headquarters of the Ministry of Labor:




"It has been impossible for them to do their work due to the constant computer problems. They still do not know if the problems will be resolved in the next few days."




Something normal, since those responsible for the National Cryptological Center (dependent on the CNI) they had called the incident "critical" and predicted that - as happened in March - it would take "weeks" to restore all systems.



This morning, digital law expert David Maeztu hung a screenshot of a notice on a website of the regional administration of La Rioja in which it is notified that even now "the Delt @ accident reports communication system is still closed".



In it, users were warned that it was impossible to digitally report such accidents although, fortunately, "will not count the submission deadlines as long as the incidence is maintained ".



Likewise, it is noted that 'urgent communications' could still be carried out through reliable technologies such as email, fax ... and telegram. No Telegram, no.



From Genbeta we have contacted the Ministry of Labor itself to have a complete list of the systems that have been recovered and those that remain inaccessible after the cyberattack, and we will update the article when we have a response.