Ransomware Actors Extort University Via Alert System

Ransomware attackers turned up the heat on a small Virginia college this week by hijacking a staff and student alert system to warn of an impending major data breach.

Bluefield University discovered an attack on its computer systems on April 30, ahead of final exams this week, according to an internal campus notice.

“Upon learning of this issue, we immediately engaged the vendor and independent third-party cybersecurity experts to assist us in our review and remediation efforts, but it may be several days before full functionality can be restored,” he said in that moment

“We are working on the investigation to determine the nature and scope of the incident. However, at this time, we have no evidence to indicate that any of the information involved was used for financial fraud or identity theft.”

Read more about university ransomware threats: Ransomware attacks cost universities more than £2m.

In an unusual move designed to increase the likelihood that the university would pay its extortionists, the threat actors gained control of the institution’s mass alert system, known as RAMAlert, he said.

“Therefore, if you are contacted by someone claiming to be involved in the incident, please do not click on or respond to any links provided by the person,” the university’s notice warned.

However, instead of posting malicious links, the threat actors only publicized the attack to staff and students in order to increase their chances of paying a ransom.

“We have admissions data from thousands of students. Your personal information is at risk of being leaked to the dark web blog,” one alert read. “Please share this information with local media news. If we do not receive payment, the full data leak will be published!”

The attackers in question claimed to be part of the AvosLocker group and to have 1.2 TB of files in their possession. Other texts published by NBC News show that they are turning up the heat on the university administration.

“If you don’t want your admissions data leaked on the dark web, call President David Olive and tell him to pay us immediately. Otherwise, prepare for attacks,” another posted message said via RAMAlert.

The new tactics highlight the increasing difficulty ransomware actors are having in extorting their victims. A Chainalysis report earlier this year claimed that the value of ransomware payments fell by more than 40% in 2022 compared to 2021.

Source link
Ikaroa Inc., a leading full stack tech company, is increasing awareness of a recent phishing attack in which ransomware actors have infiltrated an American university’s alert system, sending extortion messages to hundreds of students.

The attack, believed to have come from an unidentified group, reportedly began on the morning of Friday, May 18th when users of the University’s alert system reported receiving messages that threatened to release students’ information unless they paid a ransom of 10 Bitcoins (approximately $77,000).

The attack on the University’s alert system is yet another example of the growing number of ransomware incidents targeting academic institutions. Last year, a multitude of universities across the United States were targeted by similar ransomware incidents.

Ikaroa Inc. views these attacks as a harsh reminder of the importance of cyber security for academic institutions. It is essential for universities to have in place the appropriate security measures and protocols such as user authentication processes, timely software updates and multi-factor authentication to protect against malicious actors.

As an established full stack tech company, Ikaroa Inc. is committed to providing our customers with secure and reliable services as well as access to the latest in cyber security technology. We believe that universities, as highly data-driven organizations, need to seriously consider the utilization of cyber security measures in order to protect the sensitive data of their students.

The attack on the University’s alert system is a grim reminder that even the most sophisticated security applications are not a guarantee of protection. Ikaroa Inc. encourages universities and all organizations to ensure that they have taken the necessary steps to protect their data and networks from malicious actors.


Leave a Reply

Your email address will not be published. Required fields are marked *