Skip to main content

Ransomware attack: A college in Los Angeles just paid $28,000 to hackers

1291866 autosave v1 2 laptop hacker
Scyther5 / Shutterstock
Hackers ensured 2017  got off to a bad start for Los Angeles Valley College after they took control of its computer network in a ransomware attack.

In a statement sent to media outlets on Wednesday, the Los Angeles Community College District confirmed it paid $28,000 in bitcoin to the hackers in an effort to regain access to a huge number of computer files after malware locked them up at the end of December. The college said it obtained the funds from a cybersecurity insurance policy created to deal with such incidents.

Related Videos

District chancellor Francisco Rodriguez said the malicious cyber activity, which was detected at the end of December, “disrupted many computer, online, email, and voicemail systems” at the college.

The college said early investigations indicated no data breach had occurred, suggesting the cybercriminals were only interested in forcing a payout from the college.

Having evaluated the situation with the help of online security experts, the college concluded it had little choice but to pay the ransom. “Making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee the data would be lost,” Rodriguez said.

Indeed, after meeting the hackers’ demands, a digital key was sent to the college that’s allowed it to start accessing its locked files, a process it says will take a long time as “hundreds of thousands” of files are involved.

The college said the authorities are currently investigating the crime, though even if the hackers are eventually identified, it’s likely little can be done if they’re located outside the country.

Ransomware payments made last year could total around $1 billion, according to the FBI, marking a massive increase on the $24 million paid to hackers in 2015. Security experts have said it’s likely that such attacks, which are usually launched via malicious email or infected websites, will increase further this year.

While it’s currently difficult to outright prevent ransomware incidents, making backups of important files is one way for unlucky victims to avoid having to hand over money demanded by hackers.

A high-profile ransomware attack in 2016 saw a Hollywood hospital pay out $17,000 to hackers in return for an access key. However, such payments don’t always solve the situation, as Kansas Heart Hospital discovered last May. After meeting hackers’ initial financial demand, the criminals only allowed partial access to files and demanded an additional payment. The hospital said it refused to pay up a second time.

Editors' Recommendations

Hackers could seize robots with ransomware, costing companies millions
hackers could use ransomware seize robots business img1

Security consultants IOActive recently created a proof-of-concept attack that uses ransomware to disrupt big corporations. The attack didn't land on corporate PCs to encrypt files for ransom. Instead, the researchers attacked robots, which are vital in many markets such as automobile manufacturing, healthcare, and more. Disrupting these robot-powered environments can cost businesses money every second they are offline. 
One attack vector relies on how robots deal with data. Although they typically include internal storage, most of the data handled by robots remains "in transit," meaning robots receive data, process the data, and then send the data back to be stored at the source. That data could contain high-definition video, captured audio, payments received by customers, instructions on how to perform the current task, and so on. 
"Instead of encrypting data, an attacker could target key robot software components to make the robot non-operational until the ransom is paid," the researchers state. 
To prove their theory, the researchers focused their attack on NAO, a highly used robot in the research and education fields with a roster of 10,000 units in active duty across the globe. It has "nearly the same" operating system and vulnerabilities as SoftBank's Pepper, a business-oriented robot with a massive roster of 20,000 units deployed in 2,000 businesses. Even Sprint is using Pepper to assist customers in its retail stores. 
The attack starts off by exploiting an undocumented function that allows anyone to remotely execute commands. After that, they could disable administration features, change the robot's default functions, and route all video and audio feeds to a remote server on the internet. Others steps include elevating user privileges, disrupting the factory reset mechanism, and infect all behavior files. In other words, they can make the robot very unpleasant, even physically harmful.
By hijacking robots, hackers could interrupt service altogether, causing corporations to lose money with each passing moment. They could even force the robots to show explicit porn to customers, curse at customers during one-on-one interaction, or perform violent movements. The only way to reverse the behavior is to succumb to hackers because, ultimately, paying the ransom could be cheaper than repairs. 
That scenario even applies to sex robots given the privacy and intimacy aspects. Users will likely shell out money to hackers rather than call technical support, deal with customer care, and arrange for someone to get the unit for "repairs." At least sex robots don't have any moving parts ... or rather, not yet. 
"They aren’t cheap," the report states. "It’s not easy to factory reset them or fix software and hardware problems. Usually, when a robot malfunctions, you have to return it to the factory or employ a technician to fix it. Either way, you may wait weeks for its return to operational status." 
The researchers compare disrupting robots in corporate environments to halting cryptocurrency mining farms. Interrupt those PCs with ransomware and miners lose money every second those devices aren't online digging for digital coins. 

Read more
Hackers ransom sensitive photos, information stolen from cosmetic clinics
great news for job seekers in 2016 especially if youre tech programmer

You can do everything right, including keeping your systems protected, never clicking on suspicious links, and making sure to enter private information only on safe sites, and you can still see your most private information stolen and published. The reason is simple -- our information is located on servers that we do not control and sometimes, those servers are vulnerable to attack.

Such was the case with a chain of Lithuanian cosmetic surgery clinics, which was attacked by a group of hackers known as Tsar Team. The hackers broke into the servers, stole sensitive personal data and private client photos, and are now holding the clinics hostage, The Guardian reports.

Read more
Blade Runner 2 will feature a Los Angeles in total ruin
blade runner 2 concept art

Rumblings of Blade Runner 2, the sequel to Ridley Scott’s 1982 film based on Philip K. Dick's 1968 novel Do Androids Dream of Electric Sheep? have been circulating for months. This week, we finally saw concept art depicting what the future holds for the city of Los Angeles.

Director and Blade Runner fan-boy Denis Villeneuve will get his own “J.J. Abrams + Star Wars moment,” as he helms the project, due out in theaters Oct. 6, 2017. According to the still-untitled film’s IMDB page, the follow-up film will return Scott as a co-writer, and once again star Harrison Ford. The movie adds other big names including Ryan Gosling, Robin Wright, WWE wrestler Dave Bautista (Batista), Barkhad Abdi of Captain Phillips fame (“I am the captain now”), Ana de Armas (War Dogs), and Mackenzie Davis (The Martian).

Read more