Michigan State University is being targeted by a ransomware attack carried out by a hacker claiming to have stolen files, including students’ personal information, with the threat of publishing them online if a bounty is not paid.
A post appeared Wednesday on a blog affiliated with NetWalker, a relatively newer form of ransomware, containing a screenshot of a Microsoft Windows file directory including folders that appear to belong to individual users on the university’s network. The post threatened “secret data publication” with a countdown clock with about one week remaining. The ransom demanded was not specified.
The NetWalker ransomware, which is sometimes labeled as Mailto, first emerged in mid-2019 and is designed to target enterprise networks rather than individual users, according to Brett Callow, an analyst with the cybersecurity firm Emsisoft who shared the Michigan State screenshot with Scoop News Group. And like other attackers over the past year, hackers using NetWalker have shifted their tactics from merely locking up computer networks in hopes of being paid off to stealing and openly publishing its victims’ data.