Los Angeles Valley College Paid $28,000 In Bitcoin As Ransom Money To Hackers
A mural on the Student Services Center at Los Angeles Valley College. (Via Facebook
In late December, a hacker (or hackers) took it to another level with a cyberattack that elicited a payout of $28,000 in ransom money by the Los Angeles Community College District, reports the L.A. Times.
The attack was launched at Los Angeles Valley College on December 30. According to the San Diego Union-Tribune, the school was hit by a virus called ransomware that affected various systems; these included the school's computers, emails, and voicemails. The virus held the systems on lockdown until a ransom was handed over, and the district (after consulting with law enforcement and cybersecurity experts), decided to pay $28,000 to the cyber hostage takers.
"It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost," Francisco C. Rodriguez, chancellor of the Los Angeles Community College District, said in a release.
Upon payment, a "key" was delivered to the school for officials to open access to the affected systems. As LAVC noted in a release, the District has a cybersecurity insurance policy, which was enacted to cover for the costs. LAVC says that, at the moment, it's believed that student and employee data have not been compromised in the attack, though the investigation is still ongoing.
So how did the exchange take place? Was it a briefcase hand-off in a darkened parking lot? Or maybe the money was wired to some mysterious off-shore account? Nope, the school paid in bitcoin, a digital currency that isn't tied to any specific country, nor subject to regulation.
Earlier in 2016, a similar incident happened at the Hollywood Presbyterian Medical Center, which paid $17,000 in bitcoin to hackers after its computer systems were infected with ransomeware. Jonathan Sander, vice president of Culver City's Lieberman Software company, told the Tribune that preemptive measures are often times the only ways to combat these attacks. Sander said that the attacks "can be prevented by being careful with email and phishing attacks or remediated by having good back-ups. You have to pay ransomware attackers when you have no way to get back the data they lock up.”
As noted by the Times, many of these attacks stem from hackers overseas. It can be difficult for authorities to trace down the sources of these attacks because the U.S. often does "not have pacts with the countries where the attacks are launched,” Phil Lieberman, a cybersecurity expert, told the Times.