Check Point experts talked about an interesting case: scammers stole a million dollars, quietly invading…
The incident occurred on June 1, 2020, and the university fell victim to the NetWalker ransomware: malware operators announced a hack on their website on darknet, posting as evidence some stolen files.
UCSF representatives claim that they were able to restrain the spread of the malware soon after its discovery, although the attack still affected some systems.
So, according to official data, the School of Medicine’s network was isolated to prevent the development of an attack (some of the servers were still encrypted), and the main USCF network was not affected. As a result, the incident did not affect the provision of medical care to patients, the COVID-19 study, and did not affect the campus network.
“We quarantined several IT systems within the School of Medicine as a safety measure, and we successfully isolated the incident from the core UCSF network. Importantly, this incident did not affect our patient care delivery operations, overall campus network, or COVID-19 work. While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible”, — told UCSF representatives.
Although the investigation of the incident has not yet been completed, it is currently believed that the medical records of the patients also did not fall into the hands of third parties.
Recall that also Maze operators attacked medical company, which is testing vaccine for COVID-19.
University experts believe that the attackers did not target specific servers, but encrypted the data that they could reach.” It is expected that the servers affected by the attack will fully return to work in the nearest future.
UCSF representatives note that the data encrypted during the attack was part of a socially important research. Because of the value of this information, management has decided to pay the attackers “some portion of the ransom, approximately $1.14 million”, for a tool to decrypt the data.
According to the BBC, the negotiator, acting on behalf of the UCSF, bargained with hackers for a long time, and first offered to pay them $780,000.
“This incident reflects the growing use of malware by cyber-criminals around the world seeking monetary gain, including several recent attacks on institutions of higher education. We continue to cooperate with law enforcement, and we appreciate everyone’s understanding that we are limited in what we can share while we continue with our investigation”, — said UCSF representatives.
Recall that also the UK National Cyber Security Center (NCSC) reported that cybercriminals attack the developers of a vaccine against coronavirus infection (COVID-19).
Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…
Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…
Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…
Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…
Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…
Helistym.xyz is a site that tries to force you into clik to its browser notifications…