The Spanish National Research Council (CSIC) suffered a ransomware attack last month.
In a statement on Tuesday, the agency shared details of the attack, saying the majority of its centers were still disconnected and unavailable, and only slightly more than 25% of them are online.
According to the research agency, the ransomware attack occurred over the weekend of July 16-17 and was discovered on Monday, July 18. After the attack was discovered, the agency activated the protocol from the Cybersecurity Operations Center (COCS) and the National Cryptologic Center (CCN).
To curtail the spread of the intrusion, CSIC isolated several of its research centers from the network. While CSIC did not specify whether any of its systems were encrypted, ongoing investigations found no evidence that the attacker stole sensitive information.
Security experts claim that the attack originated from a Russian threat actor and while it is not entirely clear, the agency appears to indicate that the attack was the work of a cybercriminal gang.
CSIC is part of the Spanish Ministry of Science and Innovation and is mainly responsible for scientific research and technological development.
The sources for this piece include an article in BleepingComputer.