reader comments 64
Share this story
The Los Angeles Community College District (LACCD) paid a $28,000 ransom in bitcoins to free up the Los Angeles Valley College campus’ network, e-mail, and voicemail systems, which were targeted during a winter break when the campus was closed.
According to a Wednesday statement from an LACCD spokesman, district officials concluded that it was worth it to pay the ransom—in part, because the district has an insurance policy that covers such incidents.
“It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost,” LACCD Chancellor Francisco C. Rodriguez said in the statement. “After payment was made, a ‘key’ was delivered to open access to our computer systems.
The process to ‘unlock’ hundreds of thousands of files will be a lengthy one, but so far, the key has worked in every attempt that has been made.”
As of January 1, 2017, deploying ransomware in California became a formalized state crime.
Last year, San Francisco’s Municipal Transportation Agency was notably hit with ransomware—the attacker demanded about $73,000 in bitcoins.
That attack failed when the MTA’s IT staff could restore from a previous backup.
Conversely, in February 2016, Hollywood Presbyterian Medical Center, the Los Angeles hospital held hostage by crypto-ransomware, decided to pay a ransom of 40 bitcoins—the equivalent of $17,000 at the time.
According to the FBI, ransomware payouts in the United States jumped from $25 million in all of 2015 to over $209 million in just the first quarter of 2016.