Skip to content

MSU is the victim of a ransomware attack and refuses to pay the ransom

June 12, 2020

In early June, the media reported that the NetWalker ransomware group had attacked Michigan State University (MSU). At that point, the group threatened to leak student financial documents and university officials said they would not pay the ransom.

According to Detroit Free Press, The MSU does not pay the ransom and the cryptocurrency amount requested by the ransomware group is not yet known. Officials have not released an official statement on the motives behind this decision.

The attack appears to have been carried out during the commemoration date in the United States on Memorial Day, in which MSU computer systems were shut down and their security structure breached by data primarily being compromised by the Department of Physics and Astronomy.

Hackers are at risk of losing stolen data

MSU is the victim of a ransomware attack and refuses to pay the ransomMSU is the victim of a ransomware attack and refuses to pay the ransom

The Michigan State Police is currently providing technical assistance and sharing information with federal officialsaccording to local media.

According to reports The group released a countdown clock that warns that the stolen data will be lost if the MSU does not meet its requirements. Since then, hackers have released evidence that they can access stolen documents.

Allan Liska, solution architect at Recorded Future, a cyber security company, told Cointelegraph how NetWalker works:

“NetWalker is part of a new generation of ransomware families. Actors are generally demanding and have a good understanding of how corporate networks work. They take time when they are on a network and know what data to enforce to force them. ” a blackmail payment if the victim does not pay the ransom. “

The cyber security company also emphasizes that schools in general have long been a frequent target of ransomware groups::

“Part of that is due to easy access, whether it’s a primary school, high school, or university. There are generally many systems connected to the Internet with a school. Often there is also little budget for security what means attackers have many ways to gain access. Computer services are playing an increasingly important role in school operations. In the United States, a wave of ransomware attacks on school systems occurred in August and September 2019. “

Should the victims pay the ransom?

Liska says that Paying the ransom is ultimately a “business decision”.and this is a question of risk management. However, the solution architect for Recorded Future noted:

“Regardless of whether an organization pays the ransom or not, it is important to remember that they are criminals. Paying the ransom does not always guarantee that your files will be decrypted, and does not always mean that the stolen files do not sold in all underground forums. Unfortunately, once the files leave your company’s network, there’s no good answer. “

On June 10, officials in the city of Florence, Alabama, announced their intention to pay a nearly $ 300,000 ransom in Bitcoin (BTC) and were concerned that their citizens’ private information could be accessed if they were did not leak after a ransomware attack by DoppelPaymer.

C.Ointelegraph also reported on June 3 that the NetWalker ransomware group targeted three US-based universities.