A ransomware attack knocked out Campari

At the beginning ofa> November, the attack that knocked out the IT systems of the multinational aperitif and demanded a ransom. The sites restored

The Campari logo outside the group's headquarters (Miguel Medina / Afp via Getty Images) Campari, the Italian aperitif giant, was the victim of a ransomware attack that knocked out a large part of the IT network . The company thus joins the list of large Italian companies that have ended up in the crosshairs of cybercrime, including Enel, Luxoottica, Geox and Carraro.

The attack that affected the IT infrastructure of the multinational wine producer, liqueurs and soft drinks since 1860 took place in the first weekend of November. The same company promptly issued a press release informing that allegedly on November 1 the company was the victim of what they call a malware attack. The virus responsible for the attack would be the Ragnar Locker ransomware.

The English cybersecurity company Sophos explains that, after being downloaded by the victim, the ransomware hides itself using a virtualbox that allows the host operating system to share folders and drives as if it were a simple network share inside a virtual machine.

With this ploy, attackers claim to have stolen 2 Terabytes of unencrypted files and have made a ransom note of value of 15 million dollars. Furthermore, using the ransomware, the attackers would have encrypted most of Campari's servers, blocking the computer network in 24 countries.

The company has temporarily suspended its IT services and is now working on what they have called a "progressive reboot in safe conditions". Meanwhile, the company is collaborating with the competent authorities to shed light on the incident as required by national and international regulations. In the meantime, the Campari group sites are back online and the emergency seems to be back.