EAST LANSING, MI — Michigan State University has been targeted by a ransomware attack that is threatening to publish stolen files if a bounty is not paid off, university officials have confirmed.
MSU’s information technology department quickly notified law enforcement agencies of the attack, MSU deputy spokesperson Dan Olsen said.
“At this time, we believe the intrusion is isolated to one unit on campus,” Olsen said via email. “The affected systems and servers have been taken offline to prevent further exposure and we are working with MSU Police Department and the Michigan State Police to conduct a thorough investigation.”
As reported by technology blog ZDNet, the operators of NetWalker ransomware, sometimes referred to as Mailto, announced they had infected the MSU network and gave university administrators a week to pay an undisclosed ransom demand to decrypt their files.
On Wednesday, May 27, a tweet appeared with screenshots of a directory structure from the university’s network, a passport scan for a student and two scans of the university’s financial documents, according to ZDNet.
ZDNet reports that the NetWalker group is one of 12 ransomware gangs that manage “leak sites” where they threaten to publish data in revenge against companies that refuse to pay the decryption fees.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.