Cyber
University of California SF pays ransomware hackers $1.14 million to salvage research
2020-07-01
[ZDNET] The University of Caliphornia, an impregnable bastion of the Democratic Party, at the Socialist paradise of San Francisco
...where God struck dead Anton LaVey, home of the Sydney Ducks, ruled by Vigilance Committee from 1859 through 1867, reliably and volubly Democrat since 1964...
(UCSF) has admitted to paying a partial ransom demand of $1.14 million to recover files locked down by a ransomware infection.

The university was struck on June 1, where malware was found in the UCSF School of Medicine's IT systems. Administrators quickly attempted to isolate the infection and ringfence a number of systems that prevented the ransomware from traveling to the core UCSF network and causing further damage.

While the school says the cyberattack did not affect "our patient care delivery operations, overall campus network, or COVID-19 work," UCSF servers used by the school of medicine were encrypted.

Ransomware can be particularly destructive as once a system is compromised, content is encrypted and rendered inaccessible. Victims are then faced with a choice: potentially lose their files, or pay a ransom demand. Cyberattackers will often include a time limit for a decision to be made to ramp up the pressure to pay.

As shown in this case, blackmail demands can reach millions of dollars.

"The attackers obtained some data as proof of their action, to use in their demand for a ransom payment," the university said in a statement. "We are continuing our investigation, but we do not currently believe patient medical records were exposed."

Posted by:Fred

#12  Defending Against Malicious Cyber Activity Originating from Tor
Posted by: Skidmark   2020-07-01 14:36  

#11  Start with the relatives of the university's H1B1 IT staff's family and friends

Every 'foreign body' (and many domestic), is an Agent Provocateur.
Posted by: Skidmark   2020-07-01 13:43  

#10  Well, it's San Francisco. What did you expect?
Posted by: Abu Uluque   2020-07-01 12:54  

#9   #1 I wish there was a way to trace this payment...

Start with the relatives of the university's H1B1 IT staff's family and friends back in their home countries who know as much about the university's system topology and poor system management processes as the in-house IT department.
Posted by: Crins Throlusing3119   2020-07-01 11:52  

#8  BTW, if the data was $1.14 million critical, it should have been red/black separated critical. That portion should have been closed off to access. Don't cross the black and red wires.
Posted by: Procopius2k   2020-07-01 07:52  

#7  California state tax-payers take a hit.
Posted by: b   2020-07-01 07:39  

#6  Yeah, exactly. They should have been able to restore from backup. But they either didn't have backups, or their backup solution was shoddily implemented and un-restorable. Either one points the finger solidly at the university.

Ransomware attacks are like the weather. Whose fault is it if your roof caves in, the thunderstorm's?
Posted by: Maggie Poodle6767   2020-07-01 07:26  

#5  The kidnappers just got 1.14 million more reasons to continue what they're doing.

Blame the university for not securing its files. Computer security is well-understood today, not implementing it shows corruption or laziness at the top of the institution.
Posted by: Maggie Poodle6767   2020-07-01 07:24  

#4  Failure to perform fundamental security and backup*. Too much of a hassle. $1.14 million dollars worth of laziness and attitude.

* a day, a week, a month. It's so bothersome and think of all the storage costs. (so do I need to put a /sarc on that?)
Posted by: Procopius2k   2020-07-01 03:49  

#3  Is 'ringfence' the new word for unplugging routers & switches?
Posted by: Raj   2020-07-01 00:36  

#2  And kill whoever facilitated it as well, bankers and server operators, and bot-net operators, and software developers who wrote the malware. Accomplices. Might serve as a bit of a deterrent.
Posted by: Marilyn Tojo7566   2020-07-01 00:28  

#1  I wish there was a way to trace this payment. And simply kill whoever took it, all of them.
Posted by: Marilyn Tojo7566   2020-07-01 00:26  
