The problem, Merrigan told KrebsOnSecurity, is that with so many actors the victims may not know who actually has the stolen data. Researchers Victor Gevers and Niall Merrigan have been tracking the various victims and ransom demands as threat actors compete to have the most up-to-date ransom notes. In addition, the ongoing issue of insecure MongoDB databases being stolen, deleted and subsequently extorted continues to rack up thousands of new potential victims, including Princeton University.
While much time will pass before this matter is resolved, we have already availed ourselves of the resources provided by the policy, including assistance of cybersecurity experts.”
“The District has a cybersecurity insurance policy to address these specific types of cyber intrusions and it was activated during this incident. “It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost,” the district said in a FAQ, echoing the sentiments of many other organizations who’ve decided to pay ransoms. Los Angeles Community College District’s recent decision to pay a $28,000 ransom after an infection “disrupted many computer, online, email and voice mail systems” is just the latest of example. A year later those types of stories are no longer unique they’re routine. It was less than a year ago that Hollywood Presbyterian Medical Center became a national news story by paying a $17,000 ransomware demand so that staff could regain access to infected computers. Extortion continues to dominate the cybercrime headlines in 2017 with the week’s top two trending targets being the successful ransom at Los Angeles Valley College and continued extortion attempts around MongoDB databases.