A Tail Of Two Ransomware Attacks

Two schools, two ransomware attack and two different outcomes.

The Allegheny Intermediate Unit school system was able to fend off a recent ransomware attack using back up files, meanwhile the University of Maastricht just disclosed it paid 30 bitcoins to regain control of its encrypted computer network.

Allegheny
Intermediate Unit (AIU), a regional public education agency that is part of
Pennsylvania’s public education system, reported that portions of its network recently
were hit with ransomware with the attackers demanding a ransom payment to
restore the files. The school system refused to pay the unnamed amount.

AIU interim
director Rosanne Javorsky hired an outside security firm to lock down and
restore the system using back up files.

“The AIU had
backup versions of the most critical information and was able to restore access
to the vast majority of the impacted files without engaging or paying the
intruder. To ensure the integrity of our systems and avoid similar incidents in
the future, we are reviewing our policies and procedures and continuing to
enhance the security of our information systems,” she said.

AIU does not
believe any information was removed from its system.

However, The
University of Maastricht, was unable to recover from a December 24, 2019 attack,
Tripwire
reported. The university hired the security firm Fox-IT which traced the attack
to the cybergang TA505 who used a phishing email most likely containing a malicious
document to download the malware. The school reported that the lost data
contained student and scientific work and the overall damage to the institution
was very severe.

IT News
reported the school considered rebuilding its system from scratch, but in the
end opted to pay the 30 bitcoin ransom, or about $300,000.

TA505
is a well-known threat group that has hit a variety of targets at least one U.S. based electrical
company, a U.S. state government network and one of the 25 largest banks in the
world. The gang is known for spreading Dridex, TrickBot and Locky malware, and
is widely considered synonymous with the alleged Russian cybercriminal outfit
Evil Corp.

Topics:

Education Phishing

Source: https://www.scmagazine.com/home/security-news/ransomware/allegheny-intermediate-unit-targeted-in-ransomware-attack/

Generative Data Intelligence

Topics:

India Successfully Tests New 250 Km Strike Range Crystal Maze-2 Air-Launched Ballistic Missile In Andamans

Indian Air Force Aims For TEJAS MK-2 Fighters By Decade’s End: International Media

Latest Intelligence

Iraq to equip F-16s with AIDEWS EW suite

Retrieval Augmented Generation: Where Information Retrieval Meets Text Generation – KDnuggets

Top 5 AI Devices to Use in 2024

These are the cars being discontinued for 2024 and beyond – Autoblog

Etihad’s Airbus A380 brings luxury to New York skies

ANA and Air India forge codeshare alliance for enhanced connectivity

Chat with us