The Prometey agricultural holding has become the target of a large-scale cyberattack. Hackers managed to breach numerous levels of the company's security. The fraudsters are demanding $250,000 in exchange for restoring access to the database. Prometey claims that this is blackmail and an attempt to paralyze the entire holding company, as key internal systems have ceased to function. "We received a message demanding a ransom for access to our own database. This is blatant cyber extortion. We have been working non-stop for three days to stabilize the system and recover the data," say Prometey's IT specialists.
According to the company, the attack took place on Sunday, bringing down the internal database and, with it, the internal programs that supported the work of the entire group of companies. Half of the employees' computers were completely affected by the virus, while the rest were partially affected. As a result, business processes effectively came to a halt: the agricultural holding's internal services, without which the normal operation of its divisions is impossible, were paralyzed.
Prometey specifies that hackers launched a virus that penetrated the system and could have completely destroyed it. "It was either fight back immediately or lose everything. All the information on the servers, accumulated over many years, ended up in the hands of unknown persons — from working data arrays to internal documents and operational information."
Representatives of the agricultural holding emphasize that the system had multi-level protection—up to 10 levels of security—but the attackers managed to break through them. "We built layer upon layer of protection, but they found a way in. We are now restoring the data bit by bit and at the same time closing all the ‘holes’ we can see," say Prometey's IT specialists. At the same time, the attack has not stopped yet: attempts to put pressure on the system continue, and the team is forced to simultaneously restore the operation of services and restrain new waves of interference.
Prometey also reports signs of a possible “Russian trace,” which was detected based on preliminary analysis of activity and IP addresses from which the connections were made. The company says that in its many years of operation, this is the first cyberattack that has caused such extensive damage. If the hackers do not back down in the near future, Prometey says it intends to contact the cyber police. They hope that specialized law enforcement agencies will be able to “fight back” against the hacker attack on the company and find the fraudsters.
