University pays hackers more than a million dollars worth in Bitcoin in ransomware attack
Ransomware attack breaches the system of a university in California.
Tue, 30 Jun 2020, 15:34 pm UTC
A ransomware attack targeted a university in California recently affecting some servers in its School of Medicine. Unfortunately, the affected files proved to be very important as the educational institution gave in to the cybercriminals’ demand of a million-dollar ransom paid in cryptocurrencies.
The UCSF School of Medicine, University of California’s medical school, was targeted by a ransomware attack that eventually affected a limited number of servers, according to Cointelegraph. The UCSF IT staff was able to detect the intrusion and was able to isolate affected areas. Unfortunately, the hackers were able to successfully deploy the ransomware and the servers became inaccessible.
“The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” the University of California said in a statement. “We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.”
The attack was launched by the NetWalker group, according to CBS San Francisco. After it was confirmed that the servers were already inaccessible due to ransomware, the university’s administration entered into a covert negotiation with the hacker group.
University officials wanted the ransom amount to be reduced to $780,000. However, the hackers rejected the offer and warned that they will only accept $1.5 million so that “everyone will sleep well.” Eventually, the hackers accepted a final offer made by the university amounting to $1,140,895.
The next day, university staff sent 116.4 Bitcoin (BTC) as the ransom payment. In return, the hackers sent the decryption software which gave the university access to their files.
“While public and private sector entities in the U.S., Europe and Australasia are the most common targets for ransomware groups, entities in other countries are frequently targeted too,” ransomware expert and threat analyst Brett Callow told Cointelegaraph. “And as ransomware attacks are now data breaches, the risks associated with these incidents are greater than ever — both to the targeted organizations and to their customers and business partners.”
<Copyright © TokenPost. All Rights Reserved. >