University Of Utah Gets Hit By Ransomware And Data Theft…. And Pays Up

In a strange twist, The University of Utah supports cybercriminals with a “donation” of $457,000 to support future attacks. Or put another way, they got hit by ransomware and paid up:

“On Sunday, July 19, 2020, the university’s College of Social and Behavioral Science (CSBS) was notified by the university’s Information Security Office (ISO) of a ransomware attack on CSBS computing servers. Content on the compromised CSBS servers was encrypted by an unknown entity and no longer accessible by the college,” the University of Utah disclosed.

The attack encrypted the servers in the university’s College of Social and Behavioral Science (CSBS) department. As part of the attack, the threat actors stole unencrypted data before encrypting computers.

Since the end of 2019, ransomware operators have started stealing unencrypted files before deploying their ransomware. The ransomware gang then threatens the victims by saying they will publicly leak the stolen files if a ransom is not paid.

As the stolen data contained student and employee information, the university decided to pay the ransom to prevent it from being leaked.

“After careful consideration, the university decided to work with its cyber insurance provider to pay a fee to the ransomware attacker. This was done as a proactive and preventive step to ensure information was not released on the internet,” stated in their data security incident notification.

The university states that their cyber insurance policy paid a ransom of $457,059.24 USD and that no “tuition, grant, donation, state or taxpayer funds were used to pay the ransom.”

I get why companies pay the scumbags behind these attacks, but they shouldn’t. All paying up does is encourage these low life losers to do more attacks. After all they got paid. So why not try again and see if you get paid again. That’s wrong and should not be encouraged. Until people stop paying up, this activity will simply continue.

Leave a Reply

%d bloggers like this: