The personnel and students of the Los Angeles Valley College (LAVC) were in for an unpleasant surprise when the institution’s network was attacked by ransomware a day before the New Year’s Eve . The unnamed infection has quickly spread, locking every device connected to the campus network. Sadly, it is not the first time an incident of such a scale occurs. Attacks on institutions have been trending in 2016 and have also been reported outside the United States. For instance, just last November the extortionists have targeted Carleton University in Canada, demanding 39 bitcoin (around 31 thousand dollars) for the key to the encrypted data . The University did not collaborate with the extortionists and refused to pay the hefty ransom, setting a good example for others to follow. Unfortunately, not all of the attacked organizations or institutions are willing to do that. In fact, most of them do not wish to give away the fact that they have been hacked in order not to cause additional panic or damage their public face . Others may simply have no other choice but to pay because they have not taken care of the data backups before the attack. The recent event at LAVC is probably somewhere between the two.
Indeed, after being threatened with data destruction, the LAVC administration has eventually decided to pay the 28,000 dollar ransom that the virus developers have demanded in exchange for the data decryption key. Asked to comment on such a questionable decision, the college president Erika Enrijonas has stated that all operations inside the institution, including the Internet access, email, and voicemail communication have been paralyzed . Thus the institution had to take actions to get back to the business as usual as soon as possible. Luckily, after transferring the ransom, the extortionist did what they promised and granted the decryption key. The IT department could then proceed with data decryption, though having in mind the scale of the encrypted data, this process probably took some time. Nevertheless, despite the financial loss, LAVC can be considered lucky. Not all of the ransomware victims step out of the mess that easily. The hackers usually continue to terrorize the organizations threatening to publish their data to the public and demand even more cash .
Generally, it is really simple for the institutions to get infected with ransomware. All it takes is for one of the staff members or students to open a malicious email carrying Cerber, Osiris or any other ransomware and all the havoc breaks loose. Thus, institutions should keep their employees informed about the dangers of cyber threats and invest in sophisticated security solutions.