[사회][취재N팩트] “I can not pay!” E-Land ransomware attack … now?



[ad_1]

[앵커]

Yesterday YTN broke the news that E-Land Group was attacked by ransomware and caused a disruption to normal business, such as closing its offices in an emergency.

We will connect journalists to find out more about what happened, if the restoration is complete. Reporter Ahn Yoon-hak!

The E-Land Group and its customers suffered a major unexpected inconvenience yesterday.

What is the current situation?

[기자]

There are more than 50 outlets affiliated with E-Land Retail, such as NC Department Store and New Core Outlet.

Opened today and reopened.

E-Land Group said the first steps have been completed so that most branches can conduct basic sales excluding some functions.

However, it is not a 100% complete normalization.

Some cashier terminals are still down and some stores are disrupting normal operations.

For example, if there are clothing brands A, B and C, it means that companies A and B are in normal operation, but the terminal of company C is broken.

Ransomware is malware that encrypts data on a user’s computer and demands money in exchange for decrypting it.

An E-Land Group official said that it is the process of solving the systems that have failed one by one.

He said it would take some time to recover from 100% because the internal system must be reliably reorganized.

[앵커]

I mentioned it a while ago, but the payment terminal is still not working properly?

Did you have a similar problem yesterday?

[기자]

The most important thing is the payment process and in simple terms, the payment terminal was stuck.

Since I couldn’t pay, I had to rush all the customers who had entered the store and take action to close the store.

The symptoms of the ransomware attacks varied.

For example, the original price of product D was 30,000 won and product E was 20,000 won, but there were cases where the price tag was mixed, such as 20,000 won for D and 30,000 won for E.

There were cases where we were unable to accept returns.

There were also terminals that paid by credit card, and there was also an absurd problem with terminals that could not.

Since credit cards are not available, only cash purchases are possible or sales records are written by hand rather than electronically.

In addition, there are numerous stores in department stores and outlets.

Sometimes it is difficult to find where it is.

In some cases, the store information program was broken and printing was not possible.

At some point, this issue has yet to be resolved.

Customer-related information is encrypted and managed on a separate server, so it is known that it has not been leaked.

[앵커]

Who did this ransomware attack?

[기자]

After acknowledging the ransomware attack, E-Land Group formed a TF led by Vice President Choi Jong-yang to respond.

We are currently verifying the details of the incident with the security company, but we do not yet know in which country, through what channel and who attacked.

The police also launched an investigation.

The person in charge is the Cyber ​​Research Unit of the Seoul Metropolitan Government.

Yesterday, it was reported that the cyber investigation team visited the E-Land Group headquarters to verify the basics.

A police official explained: “It is a step to verify the fact of damage to the internal system, where and what type of attack was inflicted.”

Since the investigation is still in the early stages, it is not reasonable to predict the subject of the attack.

It has been determined that the attacker has not yet contacted E-Land and has specifically requested money or money.

[앵커]

Ransomware attacks are said to be on the rise recently.

Explain how this ransomware attack works and what to do to avoid damage.

[기자]

Let me explain you with an example.

More recently, during the hiring season in the second half of the year, a ransomware attack targeting businesses and organizations was discovered.

For example, an email will be sent to a company employee with the subject “Check your resume” or “Please attach an application form, see”.

The attachments look like normal document files, like Korean or PDF, but are actually executable files that contain malicious code.

If you mistake it for a document file and run it, the ransomware infection will start right away.

After erasing or encrypting computer data so that it cannot be used, he is held hostage and demands money.

With Corona 19 spreading around the world, ransomware attacks against the medical community, such as hospitals, continued.

In April, Interpol detected a ransomware attack targeting governments and hospitals in each country and issued a “purple search letter” for the purpose of sharing criminal methods.

In Korea, there was also a ransomware attack that disguised the download of files related to remote classes.

To avoid such damage, it is the safest way to delete any suspicious emails immediately, rather than open them.

In addition, in an emergency, you need to observe common safety rules, such as keeping your antivirus program up-to-date and checking it regularly, as well as backing up important data to a separate storage device.

YTN Yunhak Ahn at the Ministry of Social Affairs[[email protected]]it is.

※ ‘Your report becomes news’ YTN awaits your valuable report.
[카카오톡] Search YTN to add a channel [전화] 02-398-8585 [메일] [email protected] [온라인 제보] www.ytn.co.kr

[ad_2]