Healthcare at Risk of Cyber Attack

Healthcare at Risk of Cyber Attack

University of California: Cyber Attack

The University of California, San Francisco (UCSF) has confirmed that it has paid a total of
$ 1.14 million (£ 925,000) to criminals behind a cyber attack on its School of Medicine.
On June 1, the hackers behind the NetWalker ransomware campaign attacked the UCSF
network in the School of Medicine IT.

It is grateful that the treatment of COVID-19 did not impact either patient care delivery operations or research work, the data was successfully encrypted on a limited number of servers according to a UCSF statement.


The encrypted data is important to some of the academic work they adopt as a
university for the betterment of the public. Although no one has thought that any
patient records were exposed by the Netwalker cyber attack.


UCSF said in exchange for a tool to unlock, the person behind malware attack asked for
some amount of ransom which was a difficult decision to pay so that the attackers will
encrypt data and return the data they obtained.


It is a warning to everyone about the danger created by the Netwalker ransomware
threat since March 5, 2020. This ransomware is not the same as other operators. During
the COVID-19 epidemic, this particular group of cybercriminals has not declared a
cease-fire against medical targets. Ransomware is targeting updated windows 10
systems.

Health Education at Risk


On March 12, NetWalker hackers were reported to have taken the Champaign Urbana
Public Health District (CHUPD) website in Illinois offline. The educational facilities are
also in the crosshairs for the Networker gang, and if they can combine health and
education, it is better.


As per the report, the hackers were originally seeking a ransom of $3 million but were
negotiated by a UCSF representative. According to the BBC report, the UCSF spokesman
told that it would be a mistake to assume that everything in the negotiated statements was factually correct.

It is shocking to hear that ransoms are still needed to be paid to decrypt encrypted data.
Ransomware operators such as Maze and Revil have a fully dynamic game in play that
steals data before encrypting the server and use publishing or sales threats as leverage in
ransom negotiations.


Earlier, the theft and publication of data, was seen with the Revil operators demanding
$42 million for reveling “Dirty laundry” which was related to President Trump, can still
play a role in UCSF paying a ransom.


UCSF has stated that COVID-19 research was not affected by ransomware. However, the
UCSF is restricted in the information that it can share about the cyber attack itself, while
the investigation continues in collaboration with law enforcement.

It is difficult to deny that not only did the attackers succeed in establishing a foothold on
the School of Medicine network but also a backup of encrypted data was not available. If this is the case, Thornton-Trump says, there will be a question to ask “why the
authorities are willing to pay a $1 million ransom to cybercriminals, but not willing to
pay a fraction of that to enforce or maintain backups?”
It is always better to prevent and protect rather than to pay, but it is a tough sentiment
to swallow once it happens, by paying these criminals it only prevents the further rounds
of attacks not for the whole life, these attackers will come back and continues the cycle
of this frustrating malware.

Related post

Subscribe To Our Newsletter & Support Us

Get the latest research, analysis, and updates on everything tech, blockchian and crypto. 

You have Successfully Subscribed!