Expert Comments

Comment: University of California paid £1 Million ransom to Cyber criminals

Expert(s): Security Experts
Expert(s): Security Experts

The University of California in San Francisco (UCSF) says it has paid cybercriminals $1.14 million (£1 million) to decrypt a “limited number of servers” in its School of Medicine, which were hit by ransomware this month.

Experts Comments

Dot Your Expert Comments
Marcus Fowler
June 29, 2020
Director of Strategic Threat
Darktrace

The key to preventing ransomware is understanding what normal looks like for a digital environment and having an autonomous response in place.
Criminals continue to focus ransomware on targets they can pressure to pay, including hospitals, healthcare, cities/municipalities, and schools, especially higher educational institutions and those involved in research. Research data and information is difficult, if not impossible, to replace depending on the experiments and data collected. This makes it valuable to cyber-criminals, and also critical to defend. The BBC article showcases a number of the levers the attackers used to pressure the.....Read More
Criminals continue to focus ransomware on targets they can pressure to pay, including hospitals, healthcare, cities/municipalities, and schools, especially higher educational institutions and those involved in research. Research data and information is difficult, if not impossible, to replace depending on the experiments and data collected. This makes it valuable to cyber-criminals, and also critical to defend. The BBC article showcases a number of the levers the attackers used to pressure the university to pay, such as public declaration, release of data, and limited time frame. The visual of ‘staff running around unplugging machines to prevent the spread’ gives a good sense of the speed with which the attack occurs. The security teams defaulted to the most immediate and dramatic response – physically unplugging machines. The key to preventing ransomware is 1) understanding what normal looks like for a digital environment so that you can identify the smallest deviations that reveal the earliest signs of a cyber-attack, and 2) having an autonomous response in place to stop attacks in the earliest moments and prevent any disruption to business operations.  Read Less
Ilia Kolochenko
June 29, 2020
CEO
ImmuniWeb

We will likely see a steady growth of ransomware hacking campaigns targeting the public sector in 2020.
The disclosed technical details of the attack are obscure and insufficient to derive definitive conclusions about the origins and nature of this exorbitant incident. In light of the well-known malware reportedly used in the attack, we may, however, assume that the attack exploited a lack of IT asset visibility, improperly implemented security monitoring or patch management. Public schools frequently save money on cybersecurity, trying to invest budgets into apparently more appealing areas to.....Read More
The disclosed technical details of the attack are obscure and insufficient to derive definitive conclusions about the origins and nature of this exorbitant incident. In light of the well-known malware reportedly used in the attack, we may, however, assume that the attack exploited a lack of IT asset visibility, improperly implemented security monitoring or patch management. Public schools frequently save money on cybersecurity, trying to invest budgets into apparently more appealing areas to deliver more value for students and society. Unfortunately, the road to hell is paved with good intentions, and unscrupulous attackers readily exploit any inadequate resilience and unpreparedness to extort money. Covid-19 largely exacerbates the situation with the surge of shadow IT, abandoned servers, and unprotected applications serving as an easy entry point into disrupted organizations. Cryptocurrencies turn cyber extortion and racketeering into a highly profitable and riskless business given that in most cases the attackers are technically untraceable and thus enjoy impunity. We will likely see a steady growth of ransomware hacking campaigns targeting the public sector in 2020.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Expert Reaction On Go Is Becoming The Language Of Choice...

Experts On Google Voice Outage

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab...