2020-05-27
Michigan State University Suffers Ransomware Attack
The computer network at Michigan State University (MSU) was hit with ransomware earlier this week. The ransomware operators, who used malware known as NetWalker, have given MSU one week to pay the ransom. The NetWalker operators have threatened to publish data stolen from MSU's network if the payment is not received within the given time frame. Researchers at Sophos investigating NetWalker found that the ransomware uses "tools include[ing] legitimate, publicly-available software (like TeamViewer), files cribbed from public code repositories (such as Github), and scripts (PowerShell) that appeared to have been created by the attackers themselves."
Editor's Note
Virginia Tech CISO and Senior SANS Instructor Randy Marchany detailed in a recent SANS webinar how his team has maintained security operations before and through the current situation and increase in ransomware attacks - you can view the recorded version and download the .pdf version with Randy's links from https://www.sans.org/webcasts/making-keeping-work-home-operations-safe-productive-114490: Making and Keeping Work at Home Operations Safe and Productive

John Pescatore
Read more in
Edscoop: Michigan State hit by ransomware threatening leak of student and financial data
ZDNet: Michigan State University hit by ransomware gang
Bleeping Computer: Michigan State University network breached in ransomware attack
Dark Reading: Netwalker Ransomware Tools Reveal Attacker Tactics and Techniques
Sophos: Netwalker ransomware tools give insight into threat actor