Once again the heat was felt by the Los Angeles Valley College (LAVC) when hackers managed to infect its computer network with ransomware and demanded US$28,000 payment in Bitcoins to get back online.
The cyber-attack occurred over winter break and caused widespread disruption to online, financial aid, email and voicemail systems, including locking out 1,800 students and staffs from their computers.
The cyber criminals gave the college a week to pay the ransom and threatened to delete all the data if they were not paid.
Just like most ransomware victims the college obviously was not properly backing up the data. Therefore, the district agreed to pay up the ransom amount to quickly recover access to their systems and data.
However, according to the college officials, it was ultimately cheaper for them to pay the ransom than to remove the unknown ransomware virus from their systems to recover data and resume other services.
“LACCD and LAVC information technology staff, outside cybersecurity experts and law enforcement are working together to determine the specific nature and impact of this incident. Our top priority is the integrity of student, faculty and employee data, and we will continue to communicate with the LAVC community and the public as the investigation proceeds.” the College wrote in a report [PDF].
The college was lucky this time, because, in the case of ransomware, there is no guarantee that one will get the right decryption key in return. For example, recently discovered KillDisk Ransomware that targets Linux machines, demands $218,000 to decrypt, but in return, wipes out data permanently.
One of the most notorious examples of ransomware attacks took place in March last year when crooks locked down the computers and sealed all sensitive files of a Los Angeles hospital, including patient data, which eventually made the hospital to pay $17,000.
Last year, we saw an enormous rise in Ransomware threats, both in numbers and sophistication, and the only way to secure your environment is to deploy automated and isolated backup mechanism.