The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1.
According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.”
Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said:“The data that was encrypted is important to some of the academic work we pursue as a university serving the public good. [...] We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.” A negotiation took place between the hackers and UCSF
BBC News revealed that a covert negotiation between the UCSF officials and the gang took place, but didn’t end successfully.
The university’s officials first asked to reduce the ransom payment amount to $780,000, but the hackers rejected the offer, stating that if they accepted the reduced amount, it would be as if they had “worked for nothing.”
Netwalker then warned that they will only accept $1.5 million, and “everyone will sleep well.” Hours later, the UCSF staff asked for the steps to follow to send the payment and put a final offer of $1,140,895, which was accepted by the hackers.
The university’s staff then proceeded to send 116.4 Bitcoin (BTC) the next day to the ransomers’ wallets and received the decryption software.Risks associated with ransomware incidents are “greater than ever”
Speaking with Cointelegraph, Brett Callow, a threat analyst and ransomware expert at malware lab Emsis...