Threat Watch

Ransomware Hits University of Utah

The University of Utah released a notification yesterday that they were the victim of a data breach and ransomware attack on July 19th, 2020. In the notification, they stated that the university’s College of Social and Behavioral Science (CSBS) was the victim of an attack that took their systems offline. As part of the attack, the cybercriminals also stole unencrypted data files before encrypting the server. The new normal is for attackers to steal data before encrypting servers and threaten to release the data if the ransom is not paid. The university decided to work with a cyber insurance provider to pay the ransom since the stolen data included student and faculty information. The university states that their insurance policy paid $457,059.24 and that no “tuition, grant, donation, state, or taxpayer funds were used to pay the ransom.”

ANALYST NOTES

Students and faculty of CSBS are advised by the university to monitor their credit history and banking statements for fraudulent or suspicious activity or charges. They are also advised to change all of the passwords that they use for logins. Since the primary method of infection is still exploitation of vulnerable servers and phishing attacks, all organizations are advised to keep servers up to date with security patches and to provide education for their employees to recognize and defend from phishing attacks before they have a chance to infect systems. The teams at Binary Defense stand ready to partner with organizations to help them better protect their data, brand and people from attacks by cybercriminals and avoid the situation of being pressured to pay a ransom at all.

Source article: https://www.bleepingcomputer.com/news/security/university-of-utah-hit-by-ransomware-pays-457k-ransom/