You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Hackers Snag University of Utah, Walk Away With $450k

NetWalker's cyber con tactics caught the College of Behavioral Science - a little ironic.

The Utes are hurting after a successful attack on their College of Social and Behavioral Science. Those involved point the finger at the NetWalker Ransomware Group who also recently hit University of California and Michigan State University.

As part of the attack, the threat actors stole unencrypted data before encrypting computers.

The NetWalker team typically starts by stealing as much data as they can access. Once they finish the data grab, they encrypt (or lock) the network. This is when they notify the victim, demand a hefty ransom and the sirens go off.  

As the stolen data contained student and employee information, the university decided to pay the ransom to prevent it from being leaked.

It's only a bit ironic that the hackers hit the school of Behavioral Science. These attacks only happen after cyber con-artists exploit our unsafe behaviors. Most employees will avoid a Phishing email when alert and thinking about security. It's in the moments of urgency/stress/curiosity that we stumble.

The school decided to pay the ransom because there's "nothing to say that the threat actors will not use the stolen data for their own purposes, such as identity theft and phishing attacks against students and employees." In paying the cybercriminals' demand, the school hopes that the files are fully destroyed, not to be released.

The NetWalker Group seems to make headlines every week for its attacks. The prolific hacker team is even expanding its ranks. They're not the only ones using these tactics either.

The good news is that these hacks can be stopped!

The first step is training your team to avoid the initial Phishing email, the one that the University employee fell for.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) sales team here!

Original article here.

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.