Cryptocurrencies were designed to popularise the idea of a decentralized economy. A system that eliminates third parties making financial services faster, reliable, and verifiable. Along with this comes complete anonymity, making the system a perfect one for the criminals as well.
Over the past years, the numbers of ransomware attacks have gone up considerably. According to blockchain and crypto analysis firm Chainalysis, the average amount sent to ransomware addresses increased more than tenfold between 2015 and 2019.
Recently, the University of California at San Francisco School of Medicine (UCSF) was the victim of such an attack where the organization had to pay a million-dollar ransom in cryptocurrencies to a hacker group, after an unsuccessful attempt at negotiating with them.
$1.14 million was paid in ransom to the hackers behind the attack that was executed on June 1. According to a report from CBS San Francisco, the IT staffs of UCSF were the first to detect the incident, noting that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.”
Despite isolating some areas from the internal network, the hackers still managed to deploy the ransomware attack and left the servers inaccessible. In a statement, the University of California stated:
“The data that was encrypted is important to some of the academic work we pursue as a university serving the public good. […] We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.”
According to a BBC News report, the hackers originally demanded a sum of $1.5 million. The university’s officials requested the sum to be reduced to $780,000, but the offer was rejected and the hackers warned that they will only accept $1.5 million, and “everyone will sleep well.”
Later, the UCSF staff asked for the instructions on how to send the payment and put a final offer of $1,140,895, which was accepted by the hackers. The university then sent 116.4 Bitcoin (BTC) to the ransomers’ wallets the next day and received the decryption software.
As previously reported by The Daily Chain, cybersecurity firm Symantec blocked a similar ransomware attack last week, targeted at 31 U.S.-based firms and fortune 500 companies by the Evil Group. According to Symantec, had the attackers not been disrupted, “successful attacks could have led to millions in damages, downtime, and a possible domino effect on supply chains.”