Hive Ransomware Group Victimizes Knox College in Illinois
Table of Contents
- By Steven
- Jan 12, 2023
Ransomware groups are rising to prominence in more recent years than ever before. Two hundred years ago, this equivalent would have been kidnapping a member of high society and demanding a ransom. Now, that is much harder to execute and far easier to track. Ransomware, on the other hand, is almost impossible to track if done correctly. The payments ping through so many locations it’s hard to know where it starts and ends, and it’s almost impossible to find who did it, let alone prove it and incarcerate them.
How Did the Attack Occur?
The liberal arts school in Galesburg, Illinois, recently identified an attack on its internal systems as ransomware. The school realized an issue in its systems on November 24, 2022, and soon found it was ransomware. The ransomware gang Hive has claimed the attack as its own, even going so far as reaching out to students directly, hoping to scare them into giving them what they want.
What Information Was Viewed or Stolen?
While the list of stolen information may seem short, it is not sweet. The information the hackers accessed is some of the most sensitive information they could have accessed. Addresses, names, passport numbers, birthdays, driver’s license numbers, and social security numbers were all involved, though the actual access of these likely varied based on the victims. Hive also claimed access to medical records and the sort.
How Did Knox Admit to the Breach?
Unfortunately, Knox never quite got the chance to; Hive sent out emails to students. The messages read easily enough but with broken English, suggesting that Hive is an international group. “Additionally all of your SSN and Medical records will be put for sale, for every hacker to gain access and use your data in whatever illegal activity they want,” they wrote. “To us, this is a normal business day. For you, its a sad day where everyone will see your personal and private info.” This is the first (known) time hackers have used their access to speak directly to students after an attack like this.
What Will Become of the Stolen Information?
The stolen details will likely be sold, as Hive already promised to do so and will probably keep their word. A small solace for victims is that the FBI has been involved in the investigation for a while. The FBI will have special teams that are trained specifically to stop this type of attack.
What Should Affected Parties Do in the Aftermath of the Breach?
Ransomware attacks are nothing to be trifled with. Fortunately, there are steps that you can take to protect yourself, and we’re here to help. The most important things to bear in mind during college are your future and your safety, and you shouldn’t have to add the concern over your information being on the dark web to your list of things to worry about.