Ransomware Attack on Lincoln University: A Closer Look at the Fog Ransomware Group's Latest Target

Lincoln University, a historically black university located in Jefferson City, Missouri, has recently fallen victim to a ransomware attack orchestrated by the notorious Fog ransomware group. This attack has raised significant concerns about data privacy and security within the higher education sector.

About Lincoln University

Founded in 1866, Lincoln University is a prominent institution known for its commitment to providing quality education and fostering community involvement. As a historically black university, it offers a wide range of undergraduate and graduate programs across various disciplines, including liberal arts, sciences, business, education, and engineering. The university is recognized for its emphasis on experiential learning and leadership development, serving a diverse student body and employing between 1,001 to 5,000 staff members. With a revenue exceeding $120 million, Lincoln University plays a significant role in higher education.

Details of the Ransomware Attack

The Fog ransomware group claims to have exfiltrated 10 GB of sensitive data from Lincoln University. This data reportedly includes personal contact information of students and employees, as well as medical documents and other personal data. The breach poses significant risks to the privacy and security of individuals associated with the university. The attack highlights vulnerabilities in the university's cybersecurity infrastructure, which may have been exploited through compromised VPN credentials or known application vulnerabilities.

Fog Ransomware Group: A Growing Threat

Fog ransomware, a variant of the STOP/DJVU family, has been a significant threat since its emergence in November 2021. Known for its rapid encryption capabilities and sophisticated attack mechanisms, the group has targeted various sectors, including education and healthcare. The ransomware typically encrypts files with extensions like .fog or .flocked and demands a ransom in Bitcoin for decryption. The group distinguishes itself by employing double extortion tactics, threatening to release sensitive information if the ransom is not paid. Recent developments indicate a shift towards more lucrative targets, such as the financial sector, suggesting an evolution into a more prominent cybercrime organization.

Potential Impact and Response

The attack on Lincoln University underscores the growing threat of ransomware in the education sector. The university now faces the challenge of addressing the potential fallout from this cyberattack, including reputational damage and financial implications. As the Fog ransomware group continues to evolve, institutions must remain vigilant and enhance their cybersecurity measures to protect against such threats.

Sources

• Lincoln University Website
• BeforeCrypt: Fog Ransomware
• Adlumin: Fog Ransomware
• Computer Weekly: Fog Ransomware
• Darktrace: Investigation into Fog Ransomware