Ransomware attacks at universities are still rampant, and earlier this month the infamous Netwalker Gang made off with a cool US$1.14m at the expense of a research lab at the University of California San Francisco (UCSF).
The research being conducted was reported to be on a possible cure for the COVID-19 virus. The data on the computers being used for the research was hit by ransomware, malicious code that encrypts files so that they are not usable. To recover the files to a usable state, a ransom is demanded. The ransom is paid in Bitcoin, which makes it very difficult, or sometimes impossible, to trace, leaving the victim with a lot less cash and, hopefully, unencrypted files.
It’s really a gamble when negotiating with hackers. The level of anonymity used is impressive, to say the least, so you never really know who or what you are negotiating with. Fear is the emotion they prey upon, and the greater your fear, the more you might be willing to pay. That, coupled with the fact that the encrypted research work might be worth millions of dollars, also makes the stakes high.
Who is to say as well that the hackers didn’t keep a copy of the research to be sold on the black market to the highest bidder!
Those in the computer forensics and cyber security industry often recommend not paying the ransom. You can never be sure that you’re going to get your data back. Paying the ransom adds to the hackers’ finances and encourages them to continue their illegal activities.
It is therefore recommended to keep an offline backup of critical data and research. The 3-2-1 backup strategy is a good method to employ whether you’re dealing with next Friday’s math assignment or a multi-million-dollar funded research project.
Universities continue to be a playing ground for hackers. The veil of academic freedom, combined with a culture of openness and information-sharing, often causes conflict with the rules and controls needed by security engineers to effectively protect users and systems from attack.
It is only when you become affected (or infected) that you realize that the risks of openness do not always outweigh the perceived inconveniences of enhanced security measures.