Cybercriminals are now using new techniques to infect users with ransomware in order to make easy money. That is exactly what happened with Los Angeles Valley College (LAVC) who recently had their computer systems infected. In return, the college was forced to pay the whopping sum of $28,000 (£22,500, €25,936) in Bitcoin.
It all started on 30th December 2016 when the college found out their servers was infected with ransomware encrypting all their files and blocking the officials from their work. The malicious activity disrupted computers, email and voice mail systems.
For the next 6 days, the administration tried to solve the situation, but the criminals behind this scheme were not there to negotiate. Thousands of students were also about to arrive at the campus for the new semester.
Hence after consulting with authorities and cyber security experts the college decided to pay the ransom. Which they did. The cyber criminals then simply handed a decryption key to the administration.
In a statement from Dr. Erika A. Rndrijonas of LAVC, it was revealed that:
“After payment was made, a ‘key’ was delivered to open access to our computer systems. The process to ‘unlock’ hundreds of thousands of files will be a lengthy one, but so far, the key has worked in every attempt that has been made,” said Dr. Rndrijonas.
The statement also said that currently, the experts didn’t find any data breach, but that the investigation is ongoing. Since the payment was made in Bitcoin it would seem that catching the perpetrators will be difficult. Everyone knows that each time a ransom is paid it only serves to encourage these activities. Although it seems strange that the authorities would tell victims to pay since No More Ransom portal unlocks encrypted files for free.
However, this is not the first time when authorities have told the victim to simply pay ransom money. In fact, even the FBI wants victims to pay the ransom and feed cyber criminals. As far as LAVC is concerned, the college can consider itself lucky to get the right key at the right time but not everyone is as lucky as them. In 2015, the encrypted email service provider ProtonMail suffered a series of non-stop DDoS attacks where the attackers demanded 15 bitcoins ($6000) which were then paid by ProtonMail. But the attacks continued nonetheless.
If you want to read more about ransomware payments check our exclusive research on 7 Cases When Victims Paid Ransom to stop cyber attacks.