A team of hackers with a history of targeting healthcare organizations executed a successful ransomware attack in the week in the University of California, San Francisco.
UCSF confirmed it was the target of any “illegal intrusion” but declined to clarify which portion of its IT network seemed to be compromised. Researchers with the university are among those leading American antibody testing and numerous studies for possible coronavirus treatments, including research recently on anti-malarial drugs touted by President Donald Trump as a possible remedy, then refuted by scientists.
If any, information may have been compromised,” Farley said in a statement, the university has alerted security experts and law enforcement of the attack, which didn’t affect its patient care operations, said Peter Farley, a director of communications at UCSF.“With their assistance, we are conducting a thorough assessment of the incident, including a determination of what. “In order to preserve the integrity from the investigation, we will need to limit whatever we can share at the moment.”
Read more: Malaria Drug Taken by Trump Provides No Covid-19 ProtectionThe NetWalker hackers claimed credit for the attack on his or her darkweb blog. The post focused on UCSF appeared to be copy and pasted in the university’s homepage promoting its work towards healthcare.Attack groups often post data samples to prove the achievements of their breach. In this case, their blog posted four screenshots, including of two files accessed with the attackers. The files’ names, seen by Bloomberg in the darkweb, contain possible references on the US Centers for Disease Control and Preventiondepartments and Prevention central on the university’s coronavirus research.
If payment isn’t received, the blog includes a flashing-red timer threatening “secret data publication” by June 8 Pacific Time. The post doesn’t mention the need for ransom demanded.
Generally in most ransomware cases, payment is then the exchange of the decryption key which allows victims to gain access to their files. When victims don’t pay, which is truly the case when they have backup copies to regenerate their data, attack groups sometimes publish by far the most sensitive data hoping coaxing payment.
Also for possibly lucrative intellectual property, like valuable research on a cure for Covid-19, even though hackers are increasingly targeting institutions like UCSF not only for ransomware payments themselves. UCSF has involved in extensive sampling and anti-body testing, including in the experimental anti-viral drug remdesivir, which contains shown warning signs of being effective at the beginning of the Covid-19 life-cycle.
The United States was hit by way of a record volume of ransomware attacks in 2019 and attackers have revealed little sign of relenting in 2020, when users spent additional time on less secure networks while working from your home. According to the cyber research firm Emsisoft, in 2019, at least 966 government agencies, schools and healthcare providers were attacked at a cost of more than $7.5 billion. Among those were almost 90 universities.Netwalker ransomware was initially introduced and operated through the criminal cyber group dubbed Circus Spider by CrowdStrike Inc. In order to gain notoriety and increase their customer base,” according to a Crowdstrike research report, since September 2019, Netwalker ransomware has been actively used by criminal actors with links to malware including Mailto, Koko, and KazKavKovKiz.“The use of Covid-19 lures and targeting entities in the healthcare sector indicate that the operators of Netwalker are taking advantage of the global pandemic.