Il ransomware continues to sow victims all over the globe. The latest in this sense is the University of Utah, forced to pay nearly half a million dollars to prevent the disclosure of her data by the hackers who had taken control of her computer systems.
This was revealed by the academic authorities, who claimed to have been victims of an attack in the past 19 July. An attack in which 0,02% of the data stored on the servers was encrypted. It has not been clarified, for the moment, whether the payment took place in Bitcoin or by means of cash.
The work of the cybercriminals was directed to the servers of the university's College of Social and Behavioral Science, from which data relating to students and employees were stolen. At this point the hackers threatened to leak the stolen data online, forcing the university to pay the sum of $ 457.059.
A decision that the university leaders reached in a short time, pushed to do so also by the fact that part of the ransom was covered by the insurance which had been stipulated previously.
Who is behind this ransomware attack?
As for those responsible for the attack, it was Brett Callow, an analyst at the cybersecurity company Emsisoft, to state that the suspicions concern a group of hackers known as NetWalker. Which had already been noted earlier for similar attacks, to the detriment of schools.
Among the victims in recent weeks, Columbia College in Chicago, Michigan State University and the City University of Seattle. But most of all, the University of California at San Francisco, forced to pay 1,14 million dollars to hackers after a week of heated negotiations in early August.
A very large loot
According to another cybersecurity firm, McAfee, just NetWalker would have scrapped the remarkable sum of 25 million dollars from March to today. This was stated in a recent study in which McAfee researchers specified that they had discovered a large sum of Bitcoins linked to NetWalker. A discovery which leads to a precise conclusion: the attacks of the group are very effective and the victims are left with only one way, the payment of what is requested. A path that for many is practically obligatory.
Ransomware: Hackers' favorite currency is Bitcoin
Callow himself then recalled that the virtual currency preferred by hackers is Bitcoin, which guarantees greater speed in transactions. Followed by Monero, which is able instead to ensure greater levels of confidentiality.
At the same time, analysts report how the payment of the ransom does not give any certainty to the companies affected by the attacks. In fact, it may happen that the stolen data have some value that can be further exploited. Consequently, prompting hackers to offer them on the Dark Web markets. Precisely for this reason, cyber security companies continue to suggest not paying what is requested by attackers.
The problem is that very often organizations affected by ransomware are left with no other choice. Especially in the case of hospitals, for which the blocking of the computer systems can prove to be a gigantic damage, as in this case the medical records of the patients are affected.