Join our subscribers
UCSF paid $1.4 million ransom in NetWalker attack
Monday, June 29, 2020
The university said it quarantined several systems and isolated the incident from UCSF’s core network, explaining that the attack didn’t effect patient care delivery or its work on COVID-19.
Noting that “the disclosed technical details of the attack are obscure and insufficient to derive definitive conclusions about the origins and nature of this exorbitant incident,” ImmuniWeb Founder and CEO Ilia Kolochenko said given the use of the well-known NetWalker malware, “we may, however, assume that the attack exploited a lack of IT asset visibility, improperly implemented security monitoring or patch management.”
Kolochenko said “Public schools frequently save money on cybersecurity, trying to invest budgets into apparently more appealing areas to deliver more value for students and society,” leaving them vulnerable to exploitation by “unscrupulous attackers” waiting to pounce. “Covid-19 largely exacerbates the situation with the surge of shadow IT, abandoned servers and unprotected applications serving as an easy entry point into disrupted organizations,” he said. “Cryptocurrencies turn cyber extortion and racketeering into a highly profitable and riskless business given that in most cases the attackers are technically untraceable and thus enjoy impunity.” Read Full Article
Newsweek: Activists Drop 270GB 'BlueLeaks' File of Internal Police Documents Online
SecurityWeek: Twitter Suspends Account of Organization Behind Police Leaks
