Ransomware cyberattack continues at Bluefield University
Ransomware cyberattack continues at Bluefield University
“AvosLocker” is taking credit for the attack and is demanding payment
By Clayton McChesney
Published: May. 2, 2023 at 12:03 AM BST
BLUEFIELD, Va. (WVVA) -There are new developments on the cybersecurity attack that has crippled internet services at Bluefield University. We’ve learned through “RamAlert” texts sent to students, faculty and staff that the cyber attackers are now directly communicating with everyone on the alert system. They have identified themselves as “AvosLocker” and are demanding payment in return for not leaking students’ private information. The FBI considers AvosLocker to be ransomware. In March 2022, they released an advisory on it. They said avoslocker has “Targeted victims across multiple critical infrastructure sectors in the U.S. Including...The financial services, critical manufacturing, and government facilities sectors.”
A “RamAlert” text sent just before noon on Monday says that AvosLocker has “hacked the university network to exfiltrate 1.2 terabytes of files.” The text also claimed they have admissions data from thousands of students that they could leak on “a dark web blog.” They also said “They will continue attacking if BU’s president does not pay.” They didn’t say in the text how much money they’re asking for.
BU released a statement earlier today that says: “...As you know, on Sunday, April 30, 2023, Bluefield University discovered a cybersecurity attack that impacted our systems. Upon learning of this issue, we immediately engaged independent third-party cybersecurity experts to assist in our review and remediation efforts, but it may be a few days before full functionality can be restored. We are working through the investigation to determine the nature and extent of the incident. However, as of now, we have no evidence indicating any information involved has been used for financial fraud or identity theft.”
We talked to two students over the phone who wanted to remain anonymous. While they expressed concerns about their personal information being leaked, they were also optimistic about the university’s response.
”I think they’re doing the best they can with the circumstances... Kind of came out of nowhere. I could see how it would be difficult to... kind of prepare for something like this. I believe that they’ll... get through it, you know. It’s just a little bump in the road, but they’ll get through it,” says one anonymous student.
Bluefield University says its myBU and Canvas websites can safely be used, which means final exams can take place. These finals have been postponed one day from their original assigned time.
WVVA will continue to follow developments with this story.
“AvosLocker” is taking credit for the attack and is demanding payment
By Clayton McChesney
Published: May. 2, 2023 at 12:03 AM BST
BLUEFIELD, Va. (WVVA) -There are new developments on the cybersecurity attack that has crippled internet services at Bluefield University. We’ve learned through “RamAlert” texts sent to students, faculty and staff that the cyber attackers are now directly communicating with everyone on the alert system. They have identified themselves as “AvosLocker” and are demanding payment in return for not leaking students’ private information. The FBI considers AvosLocker to be ransomware. In March 2022, they released an advisory on it. They said avoslocker has “Targeted victims across multiple critical infrastructure sectors in the U.S. Including...The financial services, critical manufacturing, and government facilities sectors.”
A “RamAlert” text sent just before noon on Monday says that AvosLocker has “hacked the university network to exfiltrate 1.2 terabytes of files.” The text also claimed they have admissions data from thousands of students that they could leak on “a dark web blog.” They also said “They will continue attacking if BU’s president does not pay.” They didn’t say in the text how much money they’re asking for.
BU released a statement earlier today that says: “...As you know, on Sunday, April 30, 2023, Bluefield University discovered a cybersecurity attack that impacted our systems. Upon learning of this issue, we immediately engaged independent third-party cybersecurity experts to assist in our review and remediation efforts, but it may be a few days before full functionality can be restored. We are working through the investigation to determine the nature and extent of the incident. However, as of now, we have no evidence indicating any information involved has been used for financial fraud or identity theft.”
We talked to two students over the phone who wanted to remain anonymous. While they expressed concerns about their personal information being leaked, they were also optimistic about the university’s response.
”I think they’re doing the best they can with the circumstances... Kind of came out of nowhere. I could see how it would be difficult to... kind of prepare for something like this. I believe that they’ll... get through it, you know. It’s just a little bump in the road, but they’ll get through it,” says one anonymous student.
Bluefield University says its myBU and Canvas websites can safely be used, which means final exams can take place. These finals have been postponed one day from their original assigned time.
WVVA will continue to follow developments with this story.