Los Angeles Valley College (LAVC) has paid a public record of $28,000 in Bitcoin to extortionists after ransomware encrypted hundreds of thousands of files held on its servers.
In a public statement shared on the College’s homepage, LAVC said the unnamed ransomware got inside the organisation on December 30.
It was detected within hours but too late to stop IT staff being locked out of critical files held on multiple servers. In addition to losing data access, important services went down, including the College’s network, email and phone system, bringing the College to a virtual standstill.
So far, the story mirrors many similar ransomware attack stories playing out behind a veil of silence in many, many smaller organizations ever since almost untraceable Bitcoin turned ransomware into a crime that could be carried out at industrial scale.
These organizations find themselves with a figurative gun held to their heads and a choice: how badly do they want those files and servers back?
If the backup strategy + DR practices allow, we would say – trash the servers and restore/fail-back into DR mode. But don’t pay. If your backup + DR don’t have you covered – can you live without the data? If not, you might have to pay. But ALWAYS get the FBI involved.