How hackers extorted $1.14m from a US university:
A leading medical-research institution working on a cure for Covid-19 has admitted it paid hackers a $1.14m (£910,000) ransom after a covert negotiation witnessed by BBC News.
The Netwalker criminal gang attacked University of California San Francisco (UCSF) on 1 June.
IT staff unplugged computers in a race to stop the malware spreading.
And an anonymous tip-off enabled BBC News to follow the ransom negotiations in a live chat on the dark web.
[...] At first glance, its dark-web homepage looks like a standard customer-service website, with a frequently asked questions (FAQ) tab, an offer of a "free" sample of its software and a live-chat option.
But there is also a countdown timer ticking down to a time when the hackers either double the price of their ransom, or delete the data they have scrambled with malware.
Also at Security Week.
(Score: -1, Flamebait) by Anonymous Coward on Monday June 29 2020, @11:51PM (6 children)
UCSF is the premier medical reseearch institute in America. Across the bay is UC Berkeley, the home of computer wizardry, Bill Joy and other clowns of its ilk.
They got screwed sideway by some two-bit cocksucker "hackers". You know why?
The fucking millenials.
(Score: -1, Offtopic) by Anonymous Coward on Tuesday June 30 2020, @12:02AM (1 child)
Bullshit, you can't blame this on millennials.
California is a nest of SJWs, so a pink- hair diversity-hire Chief InfoSec Officer probably left the passwords on a Post-It note.
The fucking SJW diversity hires.
(Score: 5, Insightful) by Anonymous Coward on Tuesday June 30 2020, @12:10AM
These sorts of comments say a lot more about the posters than they do about their subjects.
(Score: 5, Insightful) by c0lo on Tuesday June 30 2020, @01:38AM (2 children)
Because the MBA in Uni admin decided that "we'll use Windows, because nobody was fired for paying extortion fees to Microsoft"
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: -1, Troll) by Anonymous Coward on Tuesday June 30 2020, @02:40AM (1 child)
I can't fault university administration. Their plates were too full dealing with demonstrating wokeness and signaling agreement with #shutdownSTEM to deal with some nerd issue.
(Score: 0) by Anonymous Coward on Tuesday June 30 2020, @02:56AM
Well, that impotence comes with the age, sweetie, you better get adjusted to it.
You know what they say, mind is the second thing to go.
(Score: 0) by Anonymous Coward on Tuesday June 30 2020, @09:54PM
Ok Boomer.
(Score: 0) by Anonymous Coward on Tuesday June 30 2020, @01:39AM (1 child)
Surely the US has agencies that should have been alerted and in on this, not the reporters from the BBC (a crooked organisation extorting outdated TV "licences" from the UK population via 'contractors'). And surely these agencies can pin-point the location of the bad guys. Apple 10 years ago put a pin on my visiting friends iDevice down to within 2 feet. And I would expect the bad guys about 48 minutes after their location has been discovered, to hear (or not, due to Mach 5) the approaching nuclear warhead.
We need a New Internet - built on trust and identity - otoh, A/C is useful and convenient at times.
(Score: 2) by c0lo on Tuesday June 30 2020, @01:53AM
You've been watching too many Hollywood movies with TLAs pin-pointing the hackers' location in like 2 mins or less (cause the movie is 80mins total)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by Rosco P. Coltrane on Tuesday June 30 2020, @01:56AM (7 children)
Usually it's US universities that extort obscene amounts of money from students...
(Score: 2) by c0lo on Tuesday June 30 2020, @02:21AM (6 children)
Given that US uni-s will not stop extorting obscene amounts of money from the students (on the contrary, I reckon they'll extort even more obscene amounts), I don't see how this qualifies as a "change", much less a "refreshing" one.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 1) by khallow on Tuesday June 30 2020, @11:03AM (5 children)
They'll stop when the students stop paying.
(Score: 2) by c0lo on Tuesday June 30 2020, @12:06PM (4 children)
Careful what you wish for [quoteinvestigator.com] - you may end of not being able to avoid the uneducated.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 1) by khallow on Tuesday June 30 2020, @12:28PM (3 children)
(Score: 2) by c0lo on Tuesday June 30 2020, @12:37PM (2 children)
Even if flawed in form, I get what you say.
My answer: formal education doesn't sell credentials (otherwise why would they take the cost of schooling to deliver credentials on a piece of paper) and it is not impossible for a school to actually deliver education.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 1) by khallow on Tuesday June 30 2020, @01:27PM (1 child)
I think the obvious answer comes in the form of whose cost is the cost of schooling? When such credentials are in high demand, it's the students (or in the US a combination of students and government) paying not the university. When demand drops, it's the colleges paying for it.
"not impossible for" doesn't mean "does". All schools even the online degree mills has some capability to deliver education. The failure doesn't come from lack of capability.
My take is that ideological-based ignorance is the driver. For an outlier, consider the case of Evergreen State College. Back in May 2017, a Professor Bret Weinstein protested a change in a college holiday ("the day of absence", originally during which minorities would voluntarily leave the campus for a day, which had just been turned around so that white Caucasians were asked to voluntarily leave the campus instead). Soon protests [huffpost.com] and considerable lawbreaking erupted with the offending professor leaving with a large cash settlement and enrollment down more than a quarter over three years (from 3881 during the 2016-2017 school year to 2854 in the 2019-2020 school year).
The school gave in to ignorance for ideological reasons and we're seeing the consequences in student enrollment. That's why I think "students stop paying" is a real thing.
(Score: 1) by khallow on Tuesday June 30 2020, @01:49PM
(Score: 5, Insightful) by Phoenix666 on Tuesday June 30 2020, @03:48AM (4 children)
I don't have a lot of baseline sympathy for a university that doesn't secure its systems properly; they are, after all, financially hollowing out the last couple and next several generations of American students for their own greed.
But if this was a lab there working on a cure for the Wuhan coronavirus, and the hackers were holding that data hostage, then the FBI and other relevant federal agencies should come down on the hackers like a ton of bricks. If they're non-state actors, the countries where they are located should cough them up to be tried for bio-terrorism. If they're state-sponsored, it's an act of war. Even if you don't fear the lethality of the virus, it has wrought enormous economic harm to the global economy and people's livelihoods everywhere, so finding a cure has become quite important for humanity.
Washington DC delenda est.
(Score: 2) by Subsentient on Tuesday June 30 2020, @11:12AM (3 children)
I agree -- what the malware operators did here was absolutely appalling. It could reasonably be called a crime against humanity. They need to spend 30 years in prison for this.
"It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
(Score: 3, Insightful) by Gaaark on Tuesday June 30 2020, @03:44PM (2 children)
How many years should the people who put Windows on the computers get?
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 2) by toddestan on Tuesday June 30 2020, @10:02PM
Easy. If it's Windows 10, then 10 years. If it's Windows 7, then only 7 years.
(Score: 1, Funny) by Anonymous Coward on Tuesday June 30 2020, @10:35PM
640 years should be enough for any crime.
(Score: 4, Informative) by zeigerpuppy on Tuesday June 30 2020, @09:17AM (1 child)
Can we please avoid misusing the word 'hacker' on this site?
Hacking is not by its nature criminal and we should not conflate these concepts.
The mass media does so, because it's a convenient narrative to stoke fear about people who have skills and enjoy using them.
Hacking is playful, often irreverent and sometimes anti-establishment, but it is by no means criminal.
The last thing we want is governments to regard exploration of new ideas as synonymous with illegality.
It matters
see https://stallman.org/articles/on-hacking.html [stallman.org]
(Score: 2, Touché) by takyon on Tuesday June 30 2020, @10:56AM
Hackers are to be given swirlies on sight. In prison.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]