The University of Jute became the latest victim of ransomware attacks, with hackers being paid nearly half a million dollars not to publish sensitive information on the Internetnetwork.
Although no details have been released on the type of ransomware used for the attack, the university confirmed that the infection affected 0,02% of data which are stored on its servers and that the exposed information belonged to employees and students.
The university restored the data using backups, and no central university system information technologys was not compromised, but the payment was necessary because the hackers threatened to release the stolen information on the Internet.
"After careful consideration, the university decided to work with the cyber insurance company and pay the ransomware attacker a fee. "This was done as a precautionary measure to ensure that information would not be circulated on the Internet," the University of Utah explained in announcement on his page.
The university ended up paying over $ 457.000 to the hackers and part of the ransom was covered by the cyber insurance policy.
"CSBS servers were immediately isolated from the rest of the university and the Internet. The university informed the appropriate law enforcement authorities and ISO began to actively investigate the matter. "An external consultant specializing in handling these situations was also hired to support the investigation," the public statement said.
The university advises students and staff to continue to use strong passwords access and change them on a regular basis to make it harder for attackers to get into their accounts.
However, the university admits that others may still exist in its systems vulnerabilities, but additional security upgrades are currently underway, including moving all college systems to centralized services for improved protection.
I wanted to know which "insurance company" proposes to pay a ransom to criminals.
Something "stinks" to me in this case.
And not in order to get back, but in order not to leak the 0,02% data on the internet. As if you were right…