Ransomware attack shuts down border crossings in Argentina

The attack against the border crossing management system halted arrivals and departures from the country for a number of hours  

Ransomware attack shuts down border crossings in Argentina

By Roberto Ettore - Own work, CC BY 3.0, https://commons.wikimedia.org/w/index.php?curid=19767371

Argentina's official immigration agency, Dirección Nacional de Migraciones, was hit by a ransomware attack by the "Netwalker" group that temporarily stopped the crossing into or out of the country. It may have been the first known attack against a federal agency that interrupted a country's operations, although ransomware attacks against cities and local agencies have become rather common. 

According to a criminal complaint that was published by the cyber crime agency in Argentina, Unidad Fiscal Especializada en Ciberdelincuencia, the government found out about the attack after it received a large number of calls from checkpoints requesting technical assistance around 7am on August 27. 

"Being approximately 7 a.m. of the day indicated in the paragraph above, the Directorate of Technology and Communications under the Directorate General Information Systems and Technologies of this Organization received numerous calls from various checkpoints requesting technical support," the complaint said. 

In order to prevent the ransomware from infecting additional devices, the computer networks used by immigration offices and control posts were shut down. According to Argentina's Infobae news website, the attack caused the temporary suspension of border crossings for four hours wile the servers were brought back online.