The University of Utah Pays $457,000 to Ransomware Gang

Cybersecurity | My20it21ch. | August 13, 2020

Background

Last July 19th, the University of Utah (its servers, to be exact) suffered a ransomware attack that made the servers inaccessible for a short period of time. After the attack, the university decided to pay the attackers $457,000 to keep the information from being leaked or sold.

This is not the only university

This is not the only higher education institution that has suffered an attack lately. The University of California in San Francisco, Columbia College Chicago, Seattle City University and Michigan State University were also attacked this year.

Lately, institutions of this type have been the target of similar attacks, and there are more and more cases where an institution’s vulnerabilities are exploited to infect it and even take over its information.

The attack was mainly focused on the CSBS (College of Social and Behavioral Science). Even though the University of Utah has not made a statement regarding any suspects, threat and cybersecurity experts believe that this attack may have been carried out by the ransomware gang NetWalker.

What is the amount paid?

It is believed that this group has made a profit of more than 25 million dollars through ransomware payments during this year alone. The University of California paid $1.14 million to this gang.

The attack was successful due to a vulnerability that was exploited by the attackers. On July the 29th, the educational institution took measures such as requiring stronger passwords for its staff and students, as well as working on building a safer, better-protected environment for that information.

Systems are monitored 24/7, and it is also said that the vulnerability that caused the attack has already been fixed. They will also unify into one Active Directory to reduce the possibility of being attacked.

What is the level of damage?

When a ransomware attack takes place, the priority will always be to identify the sources of the attack and the steps needed to prevent it in the future. Regarding the encrypted information, there is a very low chance that the information is returned to us if we pay the ransom the attacker is asking for.

This is why it is not advisable to give in to the demands of any attacker, since this gives us only a “verbal promise” that our information will not be leaked or used for illegal purposes.

In this case in particular, even after paying the ransom there is no guarantee that the information won’t be sold in places like the dark web, where criminals pay high amounts of money for users’ data to be used in phishing and malware attacks, for example.

Finally, it is worth noting that the best “solution” for an attack like this is prevention, vulnerability detection and constant monitoring to avoid a ransomware attack that can affect thousands of users, as happened at the University of Utah.

You can see the University of Utah original statement here.
