The attackers would demand a ransom in cryptocurrencies; the amount is unknown.
UBA administrative staff, lecturers and students are affected by the business interruption.
The University of Buenos Aires was hit by a ransomware attack that affected its servers. This affects certain administrative processes, including the management of student profiles and registration for courses during the summer season.
Last Thursday from the system area of Argentina's largest university became known The The Rectorate's servers were compromised.
According to the UBA, the intervention began in Data center. The potentially affected teams are already isolated. Computer specialists continue to work to identify possible latent threats.
Adds the university statement:
“Although the exact extent of the attack has not yet been determined, it has been determined that some servers in the university's Windows environment were compromised as a result.” We have integrated special devices and licenses to increase computer security and avoid new inconveniences. Progress has been made in configuring virtualization, licensing and necessary updates. The implementation of a new virtual FW on the data center equipment.
Statement from the University of Buenos Aires
Because of what happened, The UBA has set a new schedule for registering subjects. They warn that work to fully normalize services will be extended for several weeks.
On the blog ElHacker, specializing in computer security, Explain:
Both the internal diagnosis and the extent of a cyberattack typically take several days, often even weeks, so its extent and the data compromised are likely still unknown. Due to the nature of the system, personal information of teachers and students could be present, from addresses to grades.
What are ransomware attacks and how do they relate to cryptocurrencies?
Ransomware attacks have become one of the biggest cyber threats. These attacks involve the use of some type of Malware that, once installed on a computer system or network, encrypts files on the device or across the network. Cybercriminals then demand a ransom to provide the decryption key needed to regain access to the affected files.
Cryptocurrencies – mainly those focused on data protection, such as Monero (XMR) – are the preferred means of paying ransoms demanded by the attackers. Because it offers attackers freedom of movement without being tracked by security services. In addition, cryptocurrencies offer access to a highly liquid market. They can be quickly exchanged for fiat money.
Ransomware attacks take advantage of the decentralized and anonymous (or pseudo-anonymous) nature of cryptocurrencies to extort victims, complicating authorities' efforts to combat this type of crime. The University of Buenos Aires, like many other institutions and companies, is faced not only with the interruption of its operations, but also with the ethical and legal dilemma whether to pay the demanded ransom or not.
Although these and other types of crimes related to Bitcoin (BTC) and other digital assets are often used to “demonize” these tools, various reports reported by CriptoNoticias show that cryptocurrencies are being used only a tiny fraction of all crimes committed. However, most criminals use traditional banking networks and payment systems.