Spanish officials confirmed Friday that a massive cyberattack has hit a number of Spanish companies, in what appears to be part of a coordinated international effort.
“We are issuing an alert of a massive ransomware attack that affects Windows systems, blocking access to files,” said Spain’s National Cryptologic Center (CCN), a branch of the national intelligence agency, in a press statement.
The attacks are similar to those being reported around the globe in countries including the U.K.
An unknown number of computers at these Spanish companies have been blocked by ransomware. On the affected computer screens, the malware threatens to erase all of the computers’ files if a payment of $300 in bitcoin is not made within a week.
In another press release, the Spanish government also confirmed the attacks, assuring citizens that officials are working to solve the problem, adding that “this does not compromise the security of data, nor is this a data leak.”
The attacks were first reported around 12 noon CET (1100GMT) in the offices of telecommunications giant Telefonica. Employees reported that a large part of the computers, throughout the country, switched to a blue screen and later the ransom message appeared. Management quickly told the around 15,000 employees to turn off their computers until further notice.
The government reported that “various” Spanish companies have been affected, but Telefonica is the only one to have confirmed at this point. The hack has not directly affected the company’s millions of clients.
Spanish authorities urge those affected not to pay the $300 ransom. But the clock is ticking – the malware threatens to raise the ransom if payment is not made within three days.
“Paying ransom does not guarantee that the attackers will unlock the computer or send a password to decipher it, it only awards their campaign and motivates them to continue to massively distribute this type of harmful code,” said the CCN.