Ransomware Attack Retrieves $0.5 Million From Utah University

The University of Utah has fallen prey to a ransomware attack whose operators eventually obtained employee and student data. On July 19, 2020, the infection brought its actors around $0.5 million after the educational institution agreed to pay the required ransom amount.

Point of Infection

Although details about the infection are few and far between, it reportedly struck the computing servers of the University's own College of Social and Behavioral Science (CSBS). The malware started encrypting the server content, rendering it inaccessible to the college staff. The attackers also stole roughly 0.2% of the data stored on the affected servers before the institution's Information Security Office (ISO) succeeded in containing the breach. Thanks to a collaboration with an external anti-ransomware organization, the University of Utah isolated the compromised servers to keep its central IT systems intact.

Backup Restore and Password Changes

The CSBS created regular system backups, which helped them restore every encrypted file and resume normal operations. Nevertheless, the university and its cyber insurance provider made a joint decision to split the burden and pay the ransom fee of $457,059.24. That move aimed to prevent any stolen data from landing on the open Web. No other infection details have reached the general public yet. However, they have reached law enforcement agencies that are currently investigating the issue.

After cleaning up the CSBS servers, the ISO urged every employee to start changing their passwords regularly and apply two-factor authentication when possible.

Combined with the university's robust 24/7 surveillance technology, these measures should provide sufficient protection against incoming malware threats. That said, there are still vulnerable spots here and there caused by the independent college networks. Luckily, the ISO has reportedly started consolidating those networks into a centralized university network, which should make any future incidents less likely to occur in the first place.