The University of California forced to pay $1.14 million ransom to cybercriminals to secure important public data
The University of California is a public university system in the U.S. state of California. The system is composed of the campuses at Berkeley, Davis, Irvine, Los Angeles, Merced, Riverside, San Diego, San Francisco, Santa Barbara, and Santa Cruz, along with numerous research centers and academic centers abroad.
University officials said that they lost control of their systems after threat actors carried out a malware attack. To regain control and recover the data on those systems, the university paid $1.14 million in ransom to the cybercriminals.
The University said that data encrypted in the attack (earlier attributed to the Netwalker ransomware family) was “important to some of the academic work we pursue as a university serving the public good. We, therefore, made the difficult decision to pay… for a tool to unlock the encrypted data and the return of the data they obtained.”
The school’s Information Technology staff detected a security incident on June 1, and the affected areas, described as “a limited number of servers in the School of Medicine,” were isolated from the UCSF core network. The attack left the servers inaccessible, and malware uploaded during the breach encrypted data on the affected servers, which the attackers used as proof of what had been perpetrated.
The attackers obtained some data as proof of their action, to use in their demand for a ransom payment. The university said that it is continuing the investigation but does not currently believe patient medical records were exposed. The university said it is working with a cyber-security consultant and other outside experts to investigate the attack and bolster system defenses. The tainted servers are expected to be restored in the near future.
“This incident reflects the growing use of malware by cyber-criminals around the world seeking monetary gain, including several recent attacks on institutions of higher education. We continue to cooperate with law enforcement, and we appreciate everyone’s understanding that we are limited in what we can share while we continue with our investigation,” said the university.
The university authorities stated that they are conducting a thorough assessment of the incident and that, in order to preserve the integrity of the investigation, they cannot reveal too much information. The hackers known as Netwalker claimed credit for the attack, sharing information about it on their dark web blog.
They posted four screenshots of their successful breach of UCSF’s network on their blog. The screenshots contained acronyms that referenced the U.S. Centers for Disease Control and Prevention, which is central to the university department conducting the COVID treatment trials.