The town of Weiz, Austria, suffers a ransomware attack

(To Alessandro Rugolo)

Weiz, an Austrian town of 11.000 inhabitants, was hacked. Public online services suffered data theft which was later published.
The author of the gesture employed a new ransomware, NetWalker, which affects Windows operating systems by encrypting the files and eliminating any backups found in the affected network.

The means used to spread the malware is that of e-mails having as object "Information about the Coronavirus", a recurring subject in the campaigns of the last few months but which continues to act as a good bait.

It appears that the same attacking group is implicated in other similar attacks in Illinois and Australia.
From the website of the city of Weiz it is learned that the stolen data amounted to 27 Gigabytes, coming from an old back-up DB from 2018. The municipality stated that thanks to the back-up policy used, within a few hours they were can restore encrypted services and files.

Some consideration must be made regarding the fact that ransomware, although well known, continues to be dangerous.

The fact that NetWalker ransomware searches the network and deletes any back-ups found is indicative of the practice of network administrators to save the backups in the same network, which is not recommended even when you have a powerful security structure.

Only a careful back-up policy can help against this type of attack, which is increasingly based on the use of techniques social engineering to entice its victims and the bad habit of underestimating the importance of a good back-up policy in companies.

An attack of this kind would have almost no effect if the back-ups were present and well managed, as seems to have happened in this case.

To learn more: