2 min read

Ransomware extorts Los Angeles school to the tune of $28,000

Graham CLULEY

January 10, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Ransomware extorts Los Angeles school to the tune of $28,000

Blackmailers have claimed another scalp, extorting US $28,000 from a school hit by a ransomware attack.

Los Angeles Community College District (LACDD) agreed to pay the hefty ransom demand to criminals who successfully infected the network of Los Angeles Valley College (LAVC) in a ransomware attack on December 30th, 2016.

It’s always disappointing, of course, to hear that a ransomware attack has again resulted in a payout for criminals, but it’s understandable how some organisations might have to make a difficult pragmatic decision if it has few other options open to it.

That certainly seems to be the case with LAVC, which in an FAQ about the incident, explained that it felt it was unlikely to be able to recover its data without paying the sizeable ransom:

“It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost.”

College president Erika Enrijonas explained how the unnamed ransomware disrupted computer activity, as well as internet access, email and voicemail systems. As with the majority of ransomware attacks, there is nothing to indicate that the college was deliberately targeted.

No mention is made as to whether the college had secure backups which it could use to recover its systems (and thus avoid paying the criminals who had attacked it). Instead, the LAVC’s FAQ describes how it was insured against cybersecurity incidents:

“The District has a cybersecurity insurance policy to address these specific types of cyber intrusions and it was activated during this incident. While much time will pass before this matter is resolved, we have already availed ourselves of the resources provided by the policy, including assistance of cybersecurity experts.”

After paying the ransomware attackers US $28,000, the college received a decryption key to unlock their encrypted data. That, of course, is not the end of the story – as Enrijonas admits:

“The process to ‘unlock’ hundreds of thousands files will be a lengthy one, but so far, the key has worked in every attempt that has been made.”

Ransomware attacks are on the rise, and a disappointing number of organisations are finding themselves with precious few options other than to reward the criminals who attacked them.

Even police departments are reported to have given in to online criminals and paid cash to get their data back after being hit by ransomware.

No business wants to give in to blackmail and pay an extortionist. What Los Angeles Valley College decided was that it didn’t have any other option. A sensible secure backup policy and adequate defensive measures might have opened opportunities to avoid paying the ransom.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read