January 12, 2017 by

LA Valley College Pays $28,000 to Ransomware Hackers

The Los Angeles Community College District has paid $28,000 in a bitcoin last week to ransomware hackers who compromised an email and computer network belonging to a college campus.

First detected on December 30th at the college, the ransomware encrypted the campus’ computer network alongside its email and voicemail systems, according to the institution’s Chancellor Francisco C. Rodriguez.

As reported by the Los Angeles Times, the administration paid the ransom on January 4, a day after classes started. The ransom was paid after consultation with the college’s IT staff, cybersecurity experts and law enforcement, according to a college official.

It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost,” Rodriguez said. “After payment was made, a ‘key’ was delivered to open access to our computer systems. The process to ‘unlock’ hundreds of thousands of files will be a lengthy one, but so far, the key has worked in every attempt that has been made.”

A number of services were restored the day after the ransom payment, according to Yusef Robb, district spokesman. The campus’ website, email and voicemail systems were among those that started functioning again.

A currently ongoing investigation claims that the Valley Glen campus was randomly targeted and while data was encrypted, there appear to be no signs of a compromise via a breach.

Captain Rod Armalin of the Los Angeles County Sheriff’s Department’s Community College Bureau claims that the law enforcement agency did not discuss with the college district whether the ransom ought to be paid. “We would not recommend either way,” he stated.

As stated above, however, the Los Angeles Valley College’s President confirmed that experts and law enforcement were consulted prior to making the payment.

“It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost,” wrote Erika A. Endrijonas, President of the institution in a public release.

Image credit: AirBnB.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Canadian University Pays $20,000 to Ransomware Cybercriminals

The University of Calgary has revealed that it paid a $20,000 ransom in bitcoins to cybercriminals...

Read more arrow_forward