Needless to say, 2020 has been a rough year for colleges, universities, and the students who attend them.
The rush to move courses online and send students home was the first challenge. Adjusting for a virtual graduation was the second, especially as hackers started to target digital ceremonies. And the third is the ever-evolving question surrounding normal, remote, or socially-distant fall semesters.
For Michigan State University, though, there's a fourth challenge: ransomware attacks.
One week.
That's how long the cybercriminals targeting MSU say they're giving the university to pay the undisclosed ransom.
If the university fails? The hackers claim they'll release personal student information and the college's private financial records, among other documents.
The orchestrators are using NetWalker, a form of ransomware that emerged in 2019 and is designed specifically to target larger networks, like those for companies and organizations.
NetWalker hackers approach ransomware attacks differently than some other systems. Rather than locking up the network and hoping the organization will pay, they opt to steal private data and threaten to make it public.
And NetWalker itself features a unique twist on this, according to EdScoop:
When the countdown clock hits zero, the stolen files go live.
"Uniquely, the leak site has auto-publishing functionality and a timer," said Brett Callow, an analyst with the cybersecurity firm Emsisoft. "When the time has elapsed, the data is automatically published along with the password needed to access it."
The MSU ransomware attack brings up a classic debate in cybersecurity: when hit by a ransomware attack, do you pay your hacker the ransom?
Particularly in the case of NetWalker, refusing to pay might lead to data automatically going public, even without a human being pressing a button.
At the same time, though, paying the hacker doesn't guarantee the safety of your information.
SecureWorld has covered the debate previously, revealing some interesting data about ransomware victims:
Proofpoint researchers found that nearly 70% of organizations successfully got their data back following a ransomware payment—the decryption keys worked.
But that's where the story grows dark. Look at what happened to the other 30% of those who paid a ransom:
This data reveals that negotiating with hackers is a roll of the dice.