Columbia College Chicago has suffered a NetWalker ransomware attack. The college may have paid hackers' extortion demands after the perpetrators threatened to publish and/or sell students’ private data, according to The Columbia Chronicle, a student-run news publication.
The college originally said that it didn't believe any data had been compromised. But a June 5 statement from Chief of Staff Laurent Pernot conceded some college, employee and student data "was accessed by the perpetrators, though the exact nature and extent of that is still being determined,” Pernot told The Columbia Chronicle.
Sources told the publication that Columbia College Chicago may have paid the hackers' extortion demands -- since the college's data was no longer mentioned in a dark web post about recent attacks. The college has not commented specifically about the ransomware demands and whether a payment would/has been made.
What Is NetWalker Ransomware -- And Who Has Been Attacked?
NetWalker was discovered in August 2019 by ID Ransomware, according to BleepingComputer. It was initially named Mailto based on the extension that was appended to encrypted files, but ransomware recovery company Coveware later discovered a decryptor for the ransomware that indicated that the developer’s name for the infection was NetWalker.
NetWalker compromises networks and encrypts all Windows devices connected to them, BleepingComputer indicated. When executed, NetWalker uses an embedded configuration that includes a ransom note template, ransom note file names and various configuration options.
Recent NetWalker ransomware attack victims include:
- An Illinois public health district website.
- Michigan State University, which refused to pay the ransom.
How MSPs Can Mitigate Ransomware Attack Risks: To safeguard your MSP business and clientele from ransomware attacks, follow this tip sheet.