The group Akira ransomware claimed responsibility for an attack againstStanford University resulting in theft of property 430 GB of dataincluding personal information (of both students and teachers) and various confidential documents.
According to the modus operandi of the cybercriminal collective, already known for several similar actions, the amount requested as ransom from the institute could vary from $200,000 to $4 million. The university has not yet confirmed the attack and has not released any confirmation regarding a possible ransom demand.
Through official channels, the institute limited itself to stating that it is investigating an unspecified “Cyber security incident“. What happened, in any case, does not seem to have interrupted the daily activities of the university environment. A team of external security specialists is apparently working with the institute to understand the scope of the possible data breach.
Akira, for his part, has not revealed further data regarding his action, nor regarding the type of stolen datanor as regards the attack vector used.
Ransomware attack on Stanford University? For experts it could be an action planned for some time
Il Security Evangelist di Open System, Craig Harbersaid the breach at Stanford University may be attributable to other cyber incidents reported by the institution in the past.
For Harber, in fact “This cyber incident may be related to several other events at Stanford University this year, including a reported breach of the University’s Department of Public Safety firewall and another incident involving third-party software“.
Harber himself then presented a potentially disturbing scenario in which “These previous incidents may indicate a stealth campaign by the hacker to stay hidden while surreptitiously discovering and collecting sensitive information“.
Despite the decryptor free proposed by Avast a few months ago, the Akira group still seems very present on the scene, constituting one of the biggest threats globally in the ransomware sector.