Get a free 90-day scanback:   Discover threats in your organization's Office 365 mailboxes >>

The State of Ransomware Attacks across Mainland Europe

Cyber attacks targeting countries like the UK, United States, and Australia tend to receive the majority of media attention. However, large swaths of attacks continue to hit other parts of the world, including mainland Europe. This article highlights five recent ransomware attacks in continental Europe. You’ll also get some practical advice for tools and services that can combat the threat of ransomware.

Five Recent Ransomware Attacks in Mainland Europe


Ransomware attacks frequently target countries in mainland Europe. Criminal gangs block access to vital a victim’s software, systems, and data, demanding huge payouts to return the victim’s critical IT assets. Here are examples of five recent attacks hitting disparate industries across the heart of Europe.

Funke Mediagruppe Germany: December 2020

In December 2020, Funke Mediagruppe became the victim of a ransomware attack that led to publishing delays in its magazines and newspapers. The publisher has a daily reach of over 3 million readers via newspapers such as Berliner Morgenpost and Hamburger Abendblatt.

The attack hampered several of the publisher’s major printing houses, which resulted in having to temporarily remove paywalls so that people could access their magazine and newspaper content digitally. This ransomware attack provided evidence of the vulnerability of publishers to cyber attacks and should serve as a warning to other publishing groups to ramp up their cybersecurity defenses.

 

Swiss Cloud: April 2021

Swiss Cloud suffered a ransomware attack in April 2021 that knocked the company’s cloud computing services temporarily offline. According to the official update released by Swiss Cloud, “parts of the complex server network affected by the attack must first be cleaned up individually and reconfigured with the corresponding temporal effects.”

Swiss Cloud has over 6500 customers, many of whom felt the impact of this ransomware attack with some services taking days to restore. Cybercriminals know that while cloud vendors often have security expertise, successful ransomware attacks on such companies can have knock-on effects for thousands of customers. The potentially lucrative payouts from targeting the providers of cloud services ensure that hacking groups always keep an eye on service providers’ systems for vulnerabilities to exploit.

 

State Public Employment Service (SEPE) Spain: March 2021

A ransomware attack executed by hacker group WIZARD SPIDER shut down IT systems belonging to Spain’s SEPE governmental agency in March 2021. SEPE provides public employment opportunities and social security in Spain. The attack used Ryuk, which is a particularly menacing type of ransomware.

The attack impacted citizens who had appointments with SEPE cancelled or delayed. In many cases, such appointments may have related to applications for social security benefits for people who became unemployed during the pandemic. The attack on SEPE once again displays the callous nature of cyber gangs who believe that disrupting important societal services in the middle of a pandemic increases the likelihood of landing a big payday. 

 

Banca di Credito Cooperativo (BCC) Italy: April 2021

A ransomware attack disrupted operations at one of Italy’s largest co-op credit banks in April 2021. The perpetrators of the attack were DarkSide, which experts believe to be a group originating in eastern Europe. DarkSide offers ransomware-as-a-service, which is a worrying business model that makes ransomware attacks far more accessible to anyone with some money and malicious intent. 

 

French Hospitals: February 2021

February 2021 was a dark month in French healthcare—not only was Covid-19 wreaking havoc, but ransomware attacks struck two French hospitals in the middle of the crisis. The cause was once again the Ryuk ransomware, and the result involved patients having to be transferred to other facilities.

With information systems interrupted, vital hospital services such as X-rays ground to a halt at the hospitals. There is no doubt that cyber attacks on healthcare facilities are barbaric, but the bitter pill to swallow is that such attacks happen all over the world on a daily basis, and many end up being successful. Healthcare facilities that use ransomware defense tools, strategies, and processes, will be less susceptible to the damages these attacks can cause.

 

Ransomware Protection Tools and Services

There are some valuable tools and services that can provide good protection against ransomware attacks. With the sheer volume of ransomware attacks currently being carried out, the best thing an organization can do is to take a prudent approach and use tools and services that are available and within their budget.

 

1. Phishing Simulation

Touting antivirus as the main solution to mitigate ransomware attacks is not good enough. While having antivirus installed on your network’s endpoints is always advisable, advanced social engineering techniques often bypass antivirus solutions because they don’t depend on using malware to gain access to data or systems.

One type of service gaining prominence is phishing simulation. A phishing simulation occurs when organizations send deceptive emails to their own employees to gauge their preparedness for genuine phishing attacks.

One word of caution about phishing simulation tests is that they need careful planning and execution. A recent example of a phishing simulation attack turned into a PR disaster when a British train company sent deceptive emails promising employee bonuses for working hard during the pandemic. Hiring a professional, reputable service for your phishing simulation tests is a useful way to learn about the human aspect of your cybersecurity posture while avoiding any PR issues.

 

2. Offsite Tape Backup

Offsite and offline backups of critical data can prove to be practical and effective in combatting ransomware attacks. While many companies regard tape backup as an old-school solution, that doesn’t mean it’s no longer relevant.

Having your critical data available and backed up in a secure off-site location dramatically reduces the impact of successful ransomware attacks. The reduction in severity stems from the fact that you don’t need to even contemplate paying the ransoms demanded by hackers for your critical data when you have it securely backed up off-site.

Critical to the success of tape backups is that they provide a complete picture of your critical data, and this, in turn, depends on regularly backing up this key information. Another important aspect is that you can get your data back quickly.

 

3. Email Security Solutions

Given that the starting point of many successful ransomware attacks is a suspicious email that appears genuine, an advanced email security solution can prove particularly adept at fighting ransomware. Key traits to look for in your email security solution include speed and automation. Your chosen solution should react rapidly and even pre-emptively remove emails before employees can click on suspicious links or reveal confidential information.

 

4. Patch Management

Patch management covers the basics of ransomware prevention so that the software or operating systems on your network endpoints aren’t exposed to unnecessary security risks. It’s still the case in 2021 that ransomware attacks can succeed by exploiting pout of date software for which patches exist.

Patches address security loopholes and vulnerabilities. A good patch management solution can keep track of your IT inventory and regularly update missing patches across your network.

 

5. Misconfiguration Scanning

Automated security scanning tools are particularly beneficial when they identify misconfigurations on your network devices, including firewalls, routers, and workstations. Such misconfigurations can expose ports or allow other easy entry routes into your network that hackers are all too happy to exploit.

 

Closing Thoughts

The ransomware epidemic shows no signs of abating. With ransomware as a service becoming more prominent, the volume of attacks targeting organizations in all industries and countries will continue to rise. Education, prevention, and above all, a solid defense strategy are all vital to ensure readiness for any attack.

To learn more about IRONSCALES’ award-winning anti-phishing solution, please visit us today at www.ironscales.com.