"Ransomware Actors Extort University Via Alert System"

Ransomware attackers recently turned up the heat on a small Virginian university by hijacking a staff/student alert system to warn of a major impending data leak.  Bluefield University discovered an attack on its IT systems on April 30, ahead of final examinations this week.  The university stated that upon learning of this issue, they immediately engaged the provider and independent third-party cybersecurity experts to assist in their review and remediation efforts, but it may be a few days before full functionality can be restored.  In an unusual move designed to increase the likelihood of the university paying its extorters, the threat actors managed to gain control of the institution's mass alert system, known as RAMAlert.  The university warned that if you are contacted by anyone claiming to be involved in the incident, please don't click on any links provided by the individual or respond.  However, rather than post malicious links, the threat actors merely publicized the attack to staff and students in a bid to increase the chances of a ransom payment.  One alert said, "We have admissions data from thousands of students.  Your personal information is at risk to be leaked on the dark web blog."  The second alert read, "Please share this information with local media news.  If we don't receive payment, full data leak will be published!" The attackers in question claimed to be part of the AvosLocker group and to have 1.2TB of files in their possession. 

Infosecurity reports: "Ransomware Actors Extort University Via Alert System"