Digital Assets: University of California San Francisco Pays $1.14M Ransom to Crypto Hackers

The University admitted it paid the ransom because the hackers encrypted certain servers.
The University of California San Francisco said in a notice last Friday that it paid $1.14 million, a “portion” of a demanded ransom, to hackers who installed malware and encrypted its servers. The hacker attack, which the University describes as a “security incident,” took place in the UCSF School of Medicine’s IT environment on June 1. (UCSF)
UCSF ransomware attack
The University was able to segregate the core UCSF network from the incident and quarantined several of its systems in the School of Medicine. Even as the University was taking remedial measures, the bad actors were able to install malware onto a few servers and render them inaccessible.
The university said the attack was precipitated “opportunistically,” with no particular area being targeted. It confirmed that the incident did not damage the continuity of its patient care delivery operations, nor its COVID-19 work. Further, the overall campus network remained safe and patient records were not exposed.
However, the University admitted that the hackers obtained some data as proof of their action, to use in their demand for a ransom payment.
Encrypted data
“The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” the UCSF said. “We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.”
The UCSF said it was working with various cybersecurity consultants and experts to “investigate the incident and reinforce our IT systems defenses,” and that it expected to fully restore the infected servers soon.
The University did not disclose the manner of payment of the ransom.
BBC’s expose
The BBC, however, laid bare the details of the negotiation and ransom payment in an article on Monday. It said it received an anonymous tip-off that allowed it to track the discussions in a live chat on the dark web.
The criminals responsible for the attack on UCSF on June 1 were the notorious Netwalker gang, according to the BBC. The gang has previously attacked two other universities over the past couple of months.
The hackers reportedly started with the demand of $ 3 million, which the UCSF negotiated down to $1,140,895.
The next day the UCSF transferred 116.4 bitcoins to Netwalker’s electronic wallets and received the decryption software in return.
Related Story: Aussie Beer Manufacturer Lion on the Hook for $800K in Ransomware Demand

Latest Alternative Investment News

Digital Assets: Ledger, Maker Of Crypto Security Hardware, Raises Nearly All Of $100M Series C Round
Paris-based startup Ledger, which makes hardware wallets for cryptocurrency investors, has raised €100m ($109m) in funding, valuing the company at €1.3bn. The round was led by investors including Digital Finance…

FinTech: Cogo And Eliq Partner To Help Banking Customers Enhance The Energy Efficiency Of Their Homes
Cogo, a fintech which collaborates with banks to assist customers in decreasing their carbon footprint as a carbon footprint management firm, is partnering with Eliq, a company that specializes in…

Venture Capital: The LSP Dementia Fund Closes €260M (US$283M) To Address Dementia, One Of The Most Significant Health Crises Of Our Era
The LSP Dementia Fund has reached a final close at €260 million (US$ 283 million), surpassing its initial target of €100 million. The fund, which is managed by EQT Life…

Artificial Intelligence: The DAGGER AI Model Gives Advance Warning Of Dangerous Solar Storms
Researchers have developed an AI-based model that combines satellite data and machine learning to predict where an impending solar storm will strike on Earth, offering 30 minutes of advance warning….