The BBC claims
to have obtained proof of ransom negotiations between the NetWalker gang and
the University of California San Francisco almost a week after the college
publicly reported on the costly security incident.
Readers might recall that NetWalker ransomware operators recently persuaded the UCSF to pay over $1 million in an extortion scheme using data-encrypting malware. Now, BBC News reports that an anonymous tip-off allegedly enabled the outlet to follow the ransom negotiations in a live chat on the dark web.
the screen captures, NetWalker operators initially demanded a $3 million
ransom, reasoning the amount is pennies for an education institution with
billions in annual turnover. But the university, likely with the help of an
external specialist negotiator, explained the pandemic had been
“financially devastating” for the college and asked them to accept
$780,000. After some back and forth, the hackers eventually accepted 116.4
bitcoins, or roughly $1.14 million.
BBC News for comment, the university offered the same explanation it provided
in its original announcement: “The data that was encrypted is important to
some of the academic work we pursue as a university serving the public good.” It
said it had no choice but to pay to unlock the encrypted data.
also suggested to BBC reporters that the screenshots obtained by the outlet are
would be a mistake to assume that all of the statements and claims made in the
negotiations are factually accurate,” the UCSF said.