Using ransomware, Los ciberdelincuentes atacaron la Universidad de California, San Francisco (UCSF), uno de los líderes en el desarrollo de una vacuna contra el COVID-19.
The university administration confirmado to Bloomberg reporters that it was the victim of an “illegal invasion”, but did not specify which part of the IT infrastructure was damaged.
UCSF experts are leaders in the United States in the field of antibody testing and the development of treatment for coronavirus infection. Here were tested antimalarial drugs, which President Donald Trump called the possible cure for COVID-19. Sin embargo, scientists refuted this statement.
“Hackers are increasingly targeting institutions like UCSF not only for ransomware payments themselves, but also for possibly lucrative intellectual property, like valuable research on a cure for Covid-19. UCSF has engaged in extensive sampling and anti-body testing, including on the experimental anti-viral drug remdesivir, which has shown signs of being effective early in the Covid-19 life-cycle”, — write Bloomberg reporters.
Según Peter Farley, head of the UCSF public relations department, cyberattack did not affect studies involving patients.
The UCSF administration reported about the incident to law enforcement and turned to cybersecurity experts for help.
“With their help, we conduct a thorough assessment of the incident, including finding out what information could have been compromised”, — said Fairley, adding that he could not disclose any details while the investigation was ongoing.
It seems that the attackers encrypted the UCSF data and demanded a ransom for their recovery. Payment must be made before June 8 este año, and in case of non-payment, the extortionists promised to publish the “secret data” of the UCSF. It is not reported, what sum demanded the cybercriminals.
NetWalker ransomware operators confirmed responsibility for the attack on their blog on Darkweb.
“Attack groups often post data samples to prove the success of their breach. En este caso, their blog posted four screenshots, including of two files accessed by the attackers. The files’ names, seen by Bloomberg on the darkweb, contain possible references to the U.S. Centers for Disease Control and Prevention and departments central to the university’s coronavirus research”, — writes Bloomberg.
Let me remind you that just recently Europe’s largest private hospital operator Fresenius attacked with Snake ransomware.
Netwalker ransomware was first introduced and operated by the criminal cyber group dubbed Circus Spider by CrowdStrike Inc. Desde septiembre 2019, Netwalker ransomware has been actively used by criminal actors with links to malware including Mailto, Koko, and KazKavKovKiz.
