Bitcoin ransomware is on the rise.
Ransomware Comes in a Big Way
During the present COVID scare, many malicious actors have used the unstable environment to their advantage and sought new ways of garnering funds that they have no right to. There have been an increasing number of coronavirus-related scams meandering about, with many nasty individuals looking to sell fake masks or garner bitcoin donations for fake organizations claiming to be the World Health Organization (WHO) or the Red Cross.
But ransomware is an entirely different attack. This occurs when hackers gain control of a person’s digital device, computer, or laptop. They then lock up the person’s most important data and lay claim to it, saying that the only way they’ll unlock the data (as it become encrypted) is if the victim agrees to pay a bitcoin or other digital fee in exchange for access to their information. This has presented something of a conundrum over the years, as many institutions refuse to pay the money, meaning that they either never regain access to their data or it’s a long time before they can reopen their systems.
Either way, a ransomware attack is unique in that the hackers let the person know right up front that they’re being victimized. The most recent ransomware subject was the University of California, San Francisco, which says it was recently forced to pay more than $1 million in digital currency funds to a group of hackers after they had garnered control of the school’s networks and encrypted their data.
The university’s School of Medicine awoke one day to find all its servers encrypted, meaning nobody in the department could access the necessary data. The school says it had no choice but to pay the ransom, which in this case, came out to about 116.4 bitcoins (or $1.14 million).
In a statement, the university explained:
The data that was encrypted is important to some of the academic work we pursue as a university serving the public good. We therefore made the difficult decision to pay some portion of the ransom, approximately $1.14 million to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.
Settling the Terms
While it is unclear what information the hackers had obtained at press time, university executives are confident that the hackers did not gain access to patient medical records, and thus they should not worry about privacy issues.
The organization behind the attack is said to be Netwalker, which initially set a ransom exceeding $3 million. Following a short period of negotiation, the university and the hackers settled at the $1.14 that the school ultimately paid. The university says that it’s currently working with law enforcement to better understand – and get to the bottom of – the attack.