At the time of writing the ransom demand to decrypt their files was not disclosed.
Even if the MSU will restore from backups, the NetWalker ransomware gang will leak the documents stolen on its dark web leak site.
As a proof of the attack, NetWalker ransomware operators have shared five images on the leak site.
“These include two images showing a directory structure allegedly from the university’s network, a passport scan for a student, and two scans of Michigan State financial documents.” reported ZDNet.
The NetWalker group is very active in this period, the list of the victims of the gang includes the shipping giant Toll. Researchers also identified a new Coronavirus phishing campaign that aims at delivering the Netwalker Ransomware using COVID-19 lures.
The university did not reveal the extent of the attack, students and employees are still working from home due to the COVID-19 outbreak, anyway, the incident may not impact the e-learning activity.
(SecurityAffairs – Michigan State University, hacking)