Los Angeles Valley College fell victim to ransomware in late December. The infection spread across the entire computer network of the educational facility. After failing to find an alternative solution to the problem, the institution was forced to pay a ransom of a whooping $28,000 USD.
On Wednesday, the Los Angeles Community College District announced the event to the public. The college explained that the decision was made due to the severity of the issue. The virus encrypted a large number of files, some of which contained sensitive information.
The payment was financed by a cybersecurity fund. The college was prepared for cyber attacks. The management had devised a separate cybersecurity insurance policy to cope with potential problems.
The ransomware attack was addressed by district chancellor Francisco Rodriguez. He served as a spokesperson for the college. According to Mr. Rodriguez, the infection “disrupted many computer, online, email, and voicemail systems” within the college in late December.
The choice to pay the ransom was made after consulting online security experts and evaluating the situation. “Making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee the data would be lost”, explained Rodriguez.
Initial analysis of the infected computer systems revealed that the ransomware had not breached the contained data. This is an indication that the cyber criminals had no interest in stealing information from the college. When a virus encrypts files without tampering with the data, the only purpose is to collect a ransom.
This was indeed the case, as Valley College received a working decryption key upon completing the payment. The institution explained that the decryption would take a while, as there are “hundreds of thousands” of infected files.
In a conclusive statement, the college announced that the authorities are doing an investigation in an attempt to identify the hackers. Due to the nature of cyber crimes, the authorities may have limited power if the hackers do not reside within the country.
The risks and trials around ransomware are becoming an increasingly relevant threat, as malware developers are shifting to this type of virus. The numbers show that ransomware programs are a profitable source of income. The FBI reports reveal that the annual revenue has increased from $24 million in 2015 to $1 billion in 2016. A further increase is expected in 2017.
Although the sources for ransomware are well known, prevention can be difficult for companies and institutions which handle extensive correspondence on a daily basis. The best prevention against data loss is to make backups.
Cybersecurity funds are becoming an integral part of insurance policies. This type of insurance holds the greatest risk level. The case of Kansas Heart Hospital is a good example as to why. The medical facility contacted ransomware in May of last year. After paying the required sum, the institution was met with an ultimatum. The hackers decrypted a portion of the files and demanded a further payment for the rest, to which the hospital refused.