BU cyberattack: cybersecurity experts discuss ransomware

FBI say they’re aware of this ransomware variant.
Published: May. 4, 2023 at 9:08 PM EDT
Email This Link
Share on Pinterest
Share on LinkedIn

BLUEFIELD, Va. (WVVA) -As we reported Monday, hackers targeting Bluefield University are threatening to release the private information of thousands of students onto the dark web unless Bluefield University agrees to pay their ransom of an unknown amount. This leaves Bluefield University with this question: ‘to pay or not to pay.’

When the cyberattack took control of the university’s emergency alert system, they broadcast their name to the entire campus: AvosLocker. The FBI say they’re familiar with AvosLocker and say it’s just one example of ransomware. There are others that are just as dangerous.

“AvosLocker is a ransomware variant that the FBI is familiar with. But it is one of many ransomware variants that are currently affecting victims across the United States,” says Jonathan Holmes, Supervisory Special Agent for the FBI.

An official from Bluefield University says the attack originated from the university’s email system. The FBI says fake emails are one of many tactics of ransomware attacks. An expert on digital crime we spoke to says fake emails can be generated by anyone and they will say anything to get you to bite on their clickbait.

“...Usually, they’ll try and try and trick you into downloading something like, you know, payroll documents something that looks juicy that someone would want to click on...” says Andrew Clark IV, Marshall University Digital Forensics Research Laboratory Manager, “…If someone’s on... (Bluefield University’s) account, they’ve got their email through the school or something, if it gets hacked, then the attacker can use that email and send a mass email out to everybody, again, like I said earlier, it could be something like, ‘Hey, here’s the payroll. Click on this, download, and look at it,’ that’s something that people might want to see.”

A cybersecurity expert at Bluefield State University says anyone can be a victim of ransomware, adding, it’s not an issue of if but when.

“We think of ourselves as experts, and we always say, ‘I’m not going to click a nefarious link, because I know what that bad stuff looks like...’ and what happens is, unfortunately we’re not as good as we think we are,” says Dr. Philip D. Schall, Associate Professor for Computer Science and Cybersecurity at BSU.

Now that Bluefield University is the victim of ransomware, they are faced with the choice to pay the ransom or not. Schall says it’s not an easy decision.

“There’s also a fifty percent chance they’re not going to give you your stuff back, they’re just going to go away, and your system is going to be compromised, and they got their money and they’re gone, so...” says Schall, “...I’ve seen people pay the ransom and be successful. I’ve also seen people pay the ransom, and they don’t keep their end of the bargain because they’re criminals, and they end up being in the exact same position they were before they paid the ransom.”

Schall adds, this is the world we live in now and attacks like this one are only going to get worse. The best course of action takes place before the attack, primarily making backups on different servers.

FBI recommends that victims of ransomware never pay to get their system back. They say for more information on preventing ransomware attacks, visit this website.