UCSF came under a ransomware attack recently, the attacker demanded $3 million ransom to withdraw the attack.
A negotiator from the University of California San Francisco was hired to crack the deal with the attacker. On Friday, June 5, at 6:50 p.m. the negotiation was directed to the dark web. A portal was opened in which the conversation had to take place.
A timer was displayed on the portal which counted down the deadline to fulfil the payment of the attacker. If the payment was not made within the time limit then the price would be doubled, as per the attacker.
The origin of the hacker is still unknown and UCSF has also not linked the attackers to any of the countries. The UCSF is clear that they have still not lost their covid-19 research data but their academic data was on risk.
The ransomware which was used to attack University came from a hacking operation which was created since last fall, called Netwalker. It hijacked almost 20 gigabytes of data from the university.
The negotiator of the university asks for an extended period of two days.
Apart from the 101 negotiations, the authorities of the university were also unsure about the promise made by the attacker.
The negotiator asked, “I’m willing to work this out with you, but there has to be mutual respect. Don’t you agree?”. The authorities of the university were relived by hearing a positive response.
The negotiator of the university first made an offer of $390,000 which was denied respectively by the attacker. A new offer was made by the negotiator of $780,000, which was rejected too.
Finally, the final offer was made to the attacker of $1.5 million on June 9th.
The attackers were given $1.14 million, worth 116 Bitcoin, after 6 days of negotiation. The attackers confirm that they have deleted the copies of the files by 2:48 a.m. on June 14