District officials report that the payment yielded the desired information. Email and other information systems were back in working order as Los Angeles authorities investigated what officials believe was a randomly targeted attack. As of Thursday evening, IT experts were still working to unlock some of the college’s files.
“In consultation with district and college leadership, outside cybersecurity experts and law enforcement, a payment of $28,000 was made by the District,” Francisco C. Rodriguez, the district’s chancellor, said in a statement on Jan. 6. “It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost.”
“You have just 7 days to send us the #BitCoin after 7 days we will remove your private keys and it’s impossible to recover your files,” the attackers warned, according to a copy of the note obtained by The Washington Post.
The missive advised the college that its electronic files had been encrypted and that the files could only be unlocked with a “private key.” The attackers would supply the key after receiving payment in the valuable digital currency known as bitcoin, which can be used anonymously without a centralized bank.
The cyberattack struck Los Angeles Valley College late last month, disrupting email, voice mail and computer systems at the public community college in Southern California. Then, school officials found a #ransom note.