Pages

Friday, June 5, 2020

The Hacking of UC-San Francisco

From Bloomberg: A group of hackers with a history of targeting health-care organizations executed a successful ransomware attack this week on the University of California, San Francisco.

UCSF confirmed it was the target of an “illegal intrusion” but declined to explain which portion of its IT network may have been compromised. Researchers at the university are among those leading American antibody testing and clinical trials for possible coronavirus treatments, including a recent study on anti-malarial drugs touted by President Donald Trump as a possible remedy, then refuted by scientists.

The hackers, known as Netwalker, claimed credit for the attack on their dark web blog. The post dedicated to UCSF appeared to have been copied and pasted from the university’s home page promoting its work on health care.

Attack groups often post data samples to prove the success of their breach. In this case, their blog posted four screenshots, including two files allegedly accessed by the attackers. The files’ names, seen by Bloomberg on the dark web, contain acronyms that appear to reference the U.S. Centers for Disease Control and Prevention and departments central to the university’s coronavirus research...

In most ransomware cases, payment is followed by the exchange of a decryption key that allows victims to gain access to their files. When victims don’t pay, which is often the case when they have backup copies to restore their data, attack groups sometimes publish the most sensitive data in hopes of coaxing payment.

Hackers are increasingly targeting institutions like UCSF not only for ransomware payments themselves, but also for possibly lucrative intellectual property, like research on a cure for Covid-19. UCSF has engaged in extensive sampling and antibody testing, including on the experimental antiviral drug remdesivir, which has shown signs of being effective early in the Covid-19 life cycle...

“The use of Covid-19 lures and targeting entities in the health-care sector indicate that the operators of Netwalker are taking advantage of the global pandemic in order to gain notoriety and increase their customer base,” according to a Crowdstrike research report.  

Full story at https://www.bloomberg.com/news/articles/2020-06-04/hackers-target-california-university-leading-covid-19-research

No comments:

Post a Comment