Mailto Ransomware Attack: Michigan State University Refuses to Pay Hackers
Following a Mailto ransomware attack against Michigan State University (MSU), the university says it will not pay hackers who are threatening to release data allegedly stolen during the attack.
Explaining the decision, MSU Police Department Chief Kelly Roudebush said:
“It is important to remember that these are criminal acts being carried out by individuals seeking nothing more than an opportunity to earn a quick buck at any person or entity’s expense. Paying cyber-intrusion ransoms perpetuates these crimes and provides an opportunity for the group to live another day and prey upon another victim.”
The intrusion was limited to one unit on campus — the Department of Physics and Astronomy, MSU Today reports. With the help of law enforcement, the university is in the process of identifying the information that was compromised and will notify individuals who may be impacted by the intrusion as soon as they are identified, the report adds.
According to a May 28 statement from MSU:
“Within hours of the intrusion, MSU IT took prompt action and notified law enforcement agencies. At this time, we believe the intrusion is isolated to one unit on campus. The affected systems and servers have been taken offline to prevent further exposure and we are working with MSU Police Department and the Michigan State Police to conduct a thorough investigation.”
The attack involved NetWalker (Mailto) ransomware, ZDnet reports. MSU administrators had one week to pay an undisclosed ransom demand to decrypt the MSU files, that report indicated. If MSU doesn’t pay the ransom, the attacks have threatened to leak documents stolen from the university’s network, ZDnet added.
Leaking stolen documents is part of a growing ransomware attack trend. The approach pressures attack victims to open their wallets — even if the victim safely restores targeted data from backups.