University of Utah Pays in Cyber-Extortion Scheme
Though a ransomware attempt was thwarted, the university paid to prevent the release of student PII.
August 22, 2020
The University of Utah says it paid more than $455,000 to criminals who attacked the school in a successful ransomware/extortion scheme last month. While the university says it thwarted the first part of the attack, with only 0.02% of data encrypted, it worked with its insurance company to pay to prevent the release of students' personally identifiable information (PII) exfiltrated in the second piece of the crime.
The University of Utah is not the first university to pay up this year. Indeed, extortion is growing as a component of attacks ranging from ransomware to distributed denial-of-service (DDoS), and criminal gangs are using it to compel payment even when a primary attack is mitigated. While there are numerous examples of organizations paying to avoid the extortion component of an attack, experts warn against trusting the criminal organizations to honor their promises.
"The decision to pay a fairly important ransom will likely bolster sophisticated attacks against US universities that are already surging," says Ilia Kolochenko, CEO of ImmuniWeb. "Hackers will not necessarily honor their nebulous promises and release the data even after being fully paid."
Worse, experts say, data that is not publicly released may still be shared with identity theft and spear-phishing gangs for further exploitation of victims.