The recovery of the AutoExpreso system after “hijacking” by hackers “will take time”

Although she did not specify the details, the interim director of the Technology and Innovation Service of Puerto Rico (PRITS, in English), Nannette Martinez Ortizacknowledged today, Tuesday, that the recovery of the AutoExpreso “will take time” given the complexity of the “kidnapping” or cyber attack to which the system has been exposed for more than a week.

The official told The new day that the attack consists of a kind of “ransomware”, whose security metrics change daily. For this reason, handling the emergency requires cleaning all operating systems, computers, networks and company databases. Professional Account Management (PAM), which manages the AutoExpreso, before starting the system again.

The AutoExpreso system is extremely complex and restoring it will take time due to the complexity of all the components it involves.: all the servers, all the computers of this company that have to be cleaned, the databases, the networks… Before this goes up, we have to make sure that all this has been cleaned and is safe. Although our priority is to restore all these services as soon as possible, the reality is that the most responsible way to do it is to make sure that it is done safely, that it does not put any of the citizen services at risk and that the performance of the AutoExpreso system be a solid one,” explained the official in a telephone interview.

In addition, he confirmed that the modus operandi of this type of attack is to request the payment of a sum of money stipulated by the cyber attackers.

The director of the Highway Authority, Edwin González, confirmed this morning that the hackers who affected the AutoExpreso service last week requested money to release the data that they “kidnapped.”

“It is an X amount of money that they request. I cannot go into details because I do not want to affect the investigation that is being carried out”, González said in a radio interview with (WKAQ – 580 AM).

“But, in a data kidnapping note, what they do is that they request an X amount,” he added.

When asked if they were asking for millions of dollars, González replied that “I would not like to enter so as not to affect the process.”

When the same question was repeated, he replied: “Yes, x amount of money amount of dollars.”

“What a ransomware asks for is an action on the part of the victim, that action can be a payment or an exchange of information so that in exchange for this request, access to the systems that are blocked is returned”Martinez Ortiz said.

However, the official declined to comment on how much money the hackers are requesting, stating that “forensic analysis can be affected if details are disclosed.” Initially, Martínez Ortiz indicated that the hackers had only left a note indicating that they should contact them to release the data and that “no payment was requested.”

However, although today he indicated that part of the negotiations would consist of the payment of money, he limited himself to indicating that “the policy of the government of Puerto Rico is not to issue any payment.”

Questioned as to whether the Federal Bureau of Investigations (FBI, in English) is in charge of the investigation of the incident, Martínez Ortiz responded that “I cannot comment on that”, although he did not deny involvement.

“We have our collaborative agreements with federal agencies like the FBI”narrowed down

For his part, the head of the FBI in Puerto Rico, Joseph Gonzalezneither confirmed nor denied the participation of his agency in the investigation, although he did make it clear that it is his duty to monitor cyber attacks such as the one faced by AutoExpreso.

“We can neither confirm nor deny, but what I can tell you is that us as an agency in the FBI if we have cyber attacks against the government, a private company, or something that affects the critical infrastructure of the country, our duty is to be involved, speaking and in communication with the different parties“, said to The new day.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button