A hacking group, which has successfully attacked at least three universities recently, threatened to publish sensitive research information to the dark web if monetary demands are not met.
Hackers have been agressively and successfully targeting universities engaged in COVID-19 research, recent reports show.
The rash of cyberattacks is the latest example of the willingness of cybercriminals and bad actors to target governments and public institutions as they work to contain the ongoing pandemic.
The most recent victim, the University of California San Francisco, discovered evidence of intrusion into their networks early Monday morning, a representative of the school confirmed. UCSF, which has been conducting important virus research including antibody testing, may have had its data stolen, according to Bloomberg News.
"We have engaged an IT security firm and have reached out to law enforcement," reads a statement provided to GT by the institution. "With their assistance, we are conducting a thorough assessment of the incident, including a determination of what, if any, information may have been compromised. In order to preserve the integrity of the investigation, we will need to limit what we can share at this time."
The group responsible is known as "Netwalker," has been known to target health-care organizations, and has been known to steal unencrypted data before encrypting it. Netwalker first emerged in the middle of last year and specifically targets enterprise networks. In each of the recent cases involving universities, the group has already posted a limited amount of data to its dark web leak site to support its claims, said Brett Callow, threat analyst with Emsisoft.
"Like multiple other groups, the operators of NetWalker have launched a name-and-shame leak site and use the threat of publishing exfiltrated data as additional leverage to extort payment," Callow explained. "The group’s other victims include Toll Group, Bolloré and Weiz, an Austrian municipality."
Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.