Utah University ransom paid even with backups 🎭

Fighting off a ransomware attack no longer ends with having proper backups. The trend has changed a lot.

University of Utah revealed it paid $457,059 to a ransomware gang, despite successfully restoring the school’s IT systems following the attack.

The university decided to give in because the hackers also stole some private data from the school, which they apparently threatened to leak. “After careful consideration, the university decided to work with its cyber insurance provider to pay a fee to the ransomware attacker. This was done as a proactive and preventive step to ensure information was not released on the internet,” the school said.

The unnamed ransomware was able to take down the department’s servers by encrypting the information inside. Fortunately, the school restored the systems using backup copies.

The school’s investigation found that the attack only affected “0.02 percent” of the data on the servers. Nevertheless, the hackers gained access to employee and student information before encrypting the servers, so the school decided to pay up.

It’s not clear which ransomware strain was behind the attack, and how the initial infection occurred. The university filed a data breach report, indicating an attack occurred through a phishing email, which ended up affecting data on 10,000 people.

Antivirus provider Emsisoft suspects the Netwalker ransomware gang may have been behind the attack, citing how the hackers have been tied to a string of attacks on universities. Other ransomware gangs, including Maze and REvil, will also resort to stealing data from victims’ computers before encrypting the information inside.

The University of Utah says its insurance provider covered part of the ransom while the school paid the rest. “No tuition, grant, donation, state or taxpayer funds were used to pay the ransom,” it added.

The vulnerability the hackers leveraged to launch the ransomware has also been patched. However, the university says it needs to centralize the school’s IT systems to help it guard against future attacks.
