Home Uncategorized Covid-19: U.S University Pays $1.14M Ransom After Cyber Attack

Covid-19: U.S University Pays $1.14M Ransom After Cyber Attack

by asmaa

Dubai- AI Journalism

University of California San Francisco (UCSF) has paied $1.14M ransom after Covid-19 cyber attack

After a covert negotiation, A leading medical-research institution working on a cure for Covid-19 has admitted it paid hackers a $1.14m (£910,000) ransom, according to  BBC

Report said that Netwalker alone has been linked to at least two other ransomware attacks on universities in the past two months.

It attacked University of California San Francisco (UCSF) on 1 June.

Covid-19 cyber attack, where the staff unplugged computers in a race to stop the malware spreading.

Victim of hacking

At first glance, its dark-web homepage looks like a standard customer-service website

with a frequently asked questions (FAQ) tab

An offer of a “free” sample of its software and a live-chat option, report mentioned

But there is also a countdown timer ticking down to a time

when the hackers either double the price of their ransom

or delete the data they have scrambled with malware.

Instructed to log in – either by email or a ransom note left on hacked computer screens – UCSF was met with the following message, posted on 5 June.

Six hours later, the university asked for more time

It asked for details of the hack to be removed from Netwalker’s public blog.

Noting UCSF made billions a year, the hackers then demanded $3m

After a day of back-and-forth negotiations, 116.4 bitcoins were transferred to Netwalker’s electronic wallets and the decryption software sent to UCSF.

UCSF is now assisting the FBI with its investigations,

It told: “The data that was encrypted is important to some of the academic work

we pursue as a university serving the public good.

No more ransom

But Jan Op Gen Oorth, from Europol, which runs a project called No More Ransom, said: “Victims should not pay the ransom, as this finances criminals and encourages them to continue their illegal activities.

“Instead, they should report it to the police so law enforcement can disrupt the criminal enterprise.”

Brett Callow, a threat analyst at cyber-security company Emsisoft, said: “Organisations in this situation are without a good option.

“Even if they pay the demand, they’ll simply receive a pinky-promise that the stolen data will be deleted.

Report said that, Most ransomware attacks begin with a booby-trapped emaiI.

In the first week of this month alone, Proofpoint’s cyber-security analysts say they saw more than one million emails with using a variety of phishing lures, including fake Covid-19 test results, sent to organisations in the US, France, Germany, Greece, and Italy.

Organisations are encouraged to regularly back-up their data offline.

But Proofpoint’s Ryan Kalember said: “Universities can be challenging environments to secure for IT administrators.

“The constantly changing student population, combined with a culture of openness and information-sharing, can conflict with the rules and controls often needed to effectively protect the users and systems from attack.”

0 0 votes
Article Rating

Related Articles

Inline Feedbacks
View all comments