New York City’s Monroe College has shut down the college’s computer systems at three of their campuses due to a ransomware attack that happened July 10th, 2019. It is currently unknown as to how the ransomware was loaded onto the system, but it is likely to be Ryuk, IEncrypt, or Sodinokibi, which are known viruses that attack enterprise networks. The attackers are demanding 170 bitcoins, or approximately two million dollars, to decrypt the college’s network. The college has yet to announce as to whether they plan to pay the ransom or restore from backups as they bring their network back online. Monroe College has released a statement saying that all classes are open and that they are diligently working on getting online access back up and running. This attack is just another in a long line of targeted ransomware that are requesting large payments to decrypt victim’s files. This trend will surely continue because attackers have become emboldened by the large payouts as seen from the two Florida cities that paid 1.1 million dollars last month. This has led to the United States Conference of Mayors to publish a non-binding agreement to not pay ransom demands in the future.
Analyst Notes
Having secure backups of files will always be the primary defense to a ransomware attack. Educating users in an organization’s network in proper cybersecurity practices is an invaluable investment into the security of a network. Organizations, large and small, should have policies and procedures on how to respond to cyber-attacks so that damage can be minimalized. Also having monitoring services such as the Binary Defense Security Operations Center that is capable of providing 24-hour monitoring services, will also help defend from possible attacks.
