An unidentified hacker took home $28,000 after Los Angeles Valley College (LAVC) was hit with a ransomware attack and paid the fee for fear of permanently losing data on school computers.
No data breach was identified but the investigation into the incident is still in its early stages.
“In consultation with district and college leadership, outside cybersecurity experts and law enforcement, a payment was made by the District,” school president Erika Endrijonas said in a statement. “It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost.”
The number one action anyone can take against ransomware is to back up data beyond the reach of attackers. But few targets engage in regular backups, and such a response is rarely available to victims.
A 2016 Wired article reports that one health care company lost access to 14 years of files due to a ransomware attack but had regular data backups so no payment was necessary.
In this latest incident, the school was given one week to pay. It did so on Jan. 6, the seventh day. They key delivered by the attacker is working to unlock the data.
TheLos Angeles Community College District, which oversees LAVC, used a cybersecurity insurance policy to pay the ransom and bring in expert assistance.
The $28,000 ransom stands as one of the largest ever publicly acknowledged. The University of Calgary publicly disclosed in June 2016 that it paid a $20,000 ransom after the university’s email servers were hit with ransomware.
The Los Angeles school says the targeting appeared random. A September 2016 report, however, said that universities have been the hardest and most frequently hit by ransomware attacks in a year in which the cyberattack became a billion dollar industry.