Ransomware hacker fled fle114 million from Top medical school

Ransomware hacker fled fle114 million from Top medical school

A leading US medical school and research university was the victim of a ransomware attack that forced it to pay $114 million to cybercriminals

On June 1, hackers encrypted the servers of the UCSF School of Medicine in a "Netwalker" ransomware attack targeting the University of California, San Francisco

The university's IT department identified the attack and took mitigation measures, but were unable to stop the hackers from encrypting numerous files Therefore, the school paid a ransom to decrypt the files

In an article posted on the university's website on June 26 (and reported by the BBC), a UCSF administrator wrote "We stopped the attack while it was happening, but the attackers launched malware that encrypted a limited number of servers within the School of Medicine, temporarily disabling access to them

"Since then, we have been working with a leading cybersecurity consultant and other outside experts to investigate the incident and strengthen our IT system defenses We plan to fully restore the affected servers in the near future"

UCSF has schools of medicine, dentistry, nursing, pharmacy, research facilities, and teaching hospitals in San Francisco; UCSF is the health sciences division of the University of California system and does not teach undergraduate students

The graduate school said the encrypted data was "critical to some of the academic work we pursue as a university serving the public interest," and as a result, the school felt it had no choice but to pay the amount

The school's submission continued, "We made the difficult decision to pay a portion of the ransom, approximately $114 million, to the individuals behind the malware attack in exchange for tools to unlock the encrypted data and the return of the data they had obtained"

While the investigation is still ongoing, UCSF stated that "the malware encrypted our servers in an ad hoc manner" and that the ransomware attack "did not target any specific geography"

The university added, "The attackers obtained some data as evidence of their actions to use in demanding ransom payments We are continuing our investigation, but do not currently believe that any patient medical records have been compromised"

"We continue to work with law enforcement and appreciate your understanding that there is a limit to what we can share as we continue our investigation"

The BBC also stated that it is "working with law enforcement to identify the source of the breach

The BBC was privy to the university's online negotiations with the perpetrators, who once demanded $3 million because the University of California "makes billions of dollars a year"

Indeed, the entire University of California system is non-profit and partially funded by state tax dollars The two sides eventually settled for $114 million, paid in Bitcoin

Categories