Los Angeles College Pays Hackers $28,000 Ransom for Data


Last week, the Los Angeles Community College District’s (LACCD) computer systems were held for a whopping $28,000 ransom—and because they paid, the ransomware makers are now that much richer.

Once again, the whole thing could have been avoided with some cheap $250 backup software. You can almost hear the campus management kicking themselves from here.

The worst part is the justification the LACCD gave for the ransomware payout—and the consequences for other educational institutions in the future.

Our Insurance Policy Will Cover It; LACCD

The cyber-attack, which was conducted at random, struck over winter break. It caused disruption to online, financial aid, email and voicemail systems, locking out 1,800 students and staff from their computers.


In the end, the college decided to hand over $28,000 to the hackers because their insurance would cover it, according to their official statement. Also, without proper backups, failure to pay would “virtually guarantee that data would be lost”.

Unfortunately, this scenario has left the hackers $28,000 richer. It is a well-known pattern that once a ransomware attack has successfully worked on one institution, the hackers soon go after other similar institutions in an area to reproduce these results.

Ironically, this pattern was observed in the same region last year. A Los Angeles hospital paid US $17,000 to ransomware attackers. Directly after, dozens of hospitals in California, Nevada and Kentucky were fresh victims of the ransomware attacks.

So yes, the insurance policy will cover the cost. But what about everyone else?

The College Got Very Lucky Without Backups; Hacker News CEO

Locked Forever: A Ransomware payment may not give you the key.
Locked Forever: A Ransomware payment, even of $218,000, may not give you the key.

The college was fortunate this time, because with ransomware there is no guarantee that you get the right decryption key in return, said The Hacker News CEO Mohit Kumar.

“For example, recently discovered KillDisk Ransomware that targets Linux machines, demands $218,000 to decrypt, but in return, wipes out data permanently,” he said.

“Last year, we saw an enormous rise in Ransomware threats, both in numbers and sophistication, and the only way to secure your environment is to deploy an automated and isolated backup mechanism.”

However, now that they have the key, the college is stuck unlocking hundreds of thousands of files, one by one.

“The process to ‘unlock’ hundreds of thousands of files will be a lengthy one, but so far, the key has worked in every attempt that has been made”, LACCD Chancellor Francisco C. Rodriguez said.

Ransomware Demands are Getting Larger; FBI


According to the FBI, Ransomware demands have skyrocketed from $25 million in all of 2015 to over $209 million just in the first quarter of 2016.

With the spike in ransomware going sharply upward and no strong disincentive for criminals, it’s safe to assume this rise is going to continue into 2017.

And even though ransomware has been declared a crime in California as of September 2016, no arrests have been made, not even in the half a dozen ransomware incidents investigated by the Cyber Investigation Response Team of the Los Angeles County district attorney office.

The reason? Authorities just can’t prove who is responsible for deploying ransomware, according to Prosecutor Don Hoffman, head of the division.

Backups Are STILL Your Safeguard Against Ransomware

Backups Work: It’s a tried and true method of anti-ransomware defense.

Ransomware attacks are random. Your response to them doesn’t need to be. Ransomware is regularly thwarted by anyone with proper backup software and a sound backup strategy in place, and there’s plenty of examples.

Once again in California, San Francisco’s Municipal Transportation Agency was hit with ransomware—and the attacker demanded a whopping $73,000 in bitcoins. They, and the taxpayers, dodged paying this because the MTA’s staff could restore from a backup.

Another ransomware attack hit 10 U.S. Hospitals last year, endangering Washington and Baltimore patients by infecting key medical systems. The hospitals avoided having to pay the $18,500 ransom because their IT didn’t just quickly detect the intrusion, they shut down network operations and restored their data from backups.

If being randomly hit by ransomware can cost you up to $73,000 in upfront capital, can any business really afford to risk not regularly backing up their data?

That said, getting great backup software doesn’t have to cost you much at all. If you’re using a Microsoft OS, we recommend protecting your systems with BackupAssist (Free trial here). For other OS’s, read our backup review guide to find out what works for you.

Share on email
Share on print
Share on facebook
Share on google
Share on twitter
Share on linkedin



Start your free 30-day trial today