Michigan State University hit By Ransomware Gang – Cybersecurity Experts Insight

Michigan State University is being targeted with ransomware, and the attackers in this case made the announcementThe operators of the NetWalker (Mailto) ransomware said that they’ve infected the university’s network and have given MSU administrators a week to pay an undisclosed ransom demand to decrypt their files. If MSU officials refuse to pay or choose to restore from backups, the ransomware gang is prepared to leak documents stolen from the university’s network on a special website the group is operating on the dark web. NetWalker operators have already published five images on the site to support their claims. These include two images showing a directory structure allegedly from the university’s network, a passport scan for a student, and two scans of Michigan State financial documents.

Experts Comments

May 29, 2020
Colin Bastable
CEO
Lucy Security
More and more, we see that ransomware is not a technology issue per se. This is about human behavior. Exerting pressure, exploiting human weaknesses. Applying psychology to gain advantage. We have learned how the FBI leaked the dossier story, to create news, establish momentum and pressure Trump. The hackers have learned how valuable that approach can be in aid of their extortion. When you are in a knife fight, bring a gun! CISOs and their security teams keep turning up with penknives......Read More
More and more, we see that ransomware is not a technology issue per se. This is about human behavior. Exerting pressure, exploiting human weaknesses. Applying psychology to gain advantage. We have learned how the FBI leaked the dossier story, to create news, establish momentum and pressure Trump. The hackers have learned how valuable that approach can be in aid of their extortion. When you are in a knife fight, bring a gun! CISOs and their security teams keep turning up with penknives. Hackers are turn up with guns. Last week, we saw an attack on a law firm, in which the attackers took a page out of the media playbook, throwing Donald Trump into the mix to get maximum publicity, doubling the ransom demand and teasing out a few details. Now we see the attackers leaking and leading the news again, forcing the MSU attack onto the public forum. This increases the general fear of ransomware, at no cost to the hackers. Every university will now be checking their insurance for ransomware payments, which makes it more likely that ransoms can be paid in the future. We are not dealing with ethics here – it’s all about the money, with a side-helping of chaos. Incidentally, universities have HIPAA obligations, PCI obligations, PII obligations – so this could get messy.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts