Hackers extort a company after stealing COVID-19 vaccine data

Ransomware incidents remain a serious threat to individuals and organizations, especially in times of pandemic. A couple of months ago, researchers at the University of California, San Francisco (UCSF) noticed that they were unable to access some data and systems, including research on a vaccine for COVID-19. They later noticed that a hacker group encrypted their servers, demanding a ransom payment to restore access.

Threat actors reportedly demanded about $3 million in exchange for releasing the compromised information. The malicious hackers did not seem to target these labs, as the rescue negotiator mentioned that the target was “in the wrong place and time.” UCSF even hired a professional negotiator to agree payment to hackers.

During the negotiations, conducted through a dark web platform, UCSF offered to pay $780,000, although hackers said the University could pay much more: “Keep that 780 grand to mc Donald’s; that’s a very small amount for us,” the threat actors said.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es vaccine01.jpg

After a day of negotiations, UCSF pledged to pay a $1.02 million USD ransom, although criminals set their best bid at $1.5 million USD. Eventually, the university offered a payment of just over $1, 140,000.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es vaccine02.jpg

After security firms and federal agencies analyzed interactions between hackers and UCSF, they concluded that these criminals appear to be members of the huge Netwalker hacking group.

Cybersecurity specialists say these kinds of incidents are on the rise, as threat actors assume that companies or individuals have much to lose. A recently released report by the Federal Bureau of Investigation (FBI) states that Chinese government-sponsored hacking groups could deploy serious attacks on universities and research centers working on a vaccine for the virus that threatens humanity.