Inside Higher Ed

Lindsay McKenzie

June 11, 2020

Cybercriminals have found a new way to extort universities — stealing sensitive information and then threatening to share it on the dark web unless a bounty is paid.

Three institutions were successfully targeted by hackers using this approach in the past two weeks. The first was Michigan State University, then the University of California, San Francisco, and, most recently, Columbia College Chicago.

None of the institutions have shared how much ransom was requested. All were targeted using malicious software known as NetWalker and given a deadline of six days to pay.

A blog run by the cybercriminals behind NetWalker reportedly boasts that stolen information from the institutions includes Social Security numbers, among other sensitive information. Twitter users such as Ransom Leaks have shared screenshots of sample data shared on the blog, which include passports and banking details.

CONTINUE READING