Canada’s University of Calgary paid up to ransomware attackers who asked for CDN $20,000 to regain access to their files which were encrypted back in May 28th.
The Canadian university’s systems were infiltrated by the ransomware after it was able to install on the school’s machines, encrypting their data, and demanding the aforementioned account in exchange.
The school’s administrators were forced to pay the ransom in BitCoins, a common procedure followed by ransomware attackers.
The school’s VP of finance and services, Linda Dalgetty, said that the school attempted to maintain all their options in addressing the system issues they were facing, but inevitably paid the ransom in the end.
She also stated that the process of regaining their files was “time-consuming and must be performed with care,” adding that the decryption keys they got from the attackers did not guarantee that they will able to restore all their systems or the recover all their data.
The university being targeted by attackers wasn’t surprising – larger organistaions are more willing to fork over the ransom.
According to reports, over a hundred of the school’s systems were affected by the attack.
On a more positive note, the university’s students and staff were able to regain access to their email accounts several days after the attack – albeit on a different system of the school’s network.
Services affected by the attack were the school’s wireless networks, Skype, and email accounts, among others.
The university’s users were also asked to not use the services on the school’s computers while they were undergoing the ransomware attack.
Dalgetty added that they made this information public because they are a public sector organisation and that they pride their selves on their transparency.
Kathy Macdonald, a former Calgary police officer who now works as a cybersecurity specialist, said that the university being targeted by attackers was not surprising as this is commonplace in ransomware attacks; since large organisations like schools are more willing to fork over the ransom.
Macdonald adds that hackers usually research before an attack, looking through social media like LinkedIn because it is a “treasure trove of information about an organisation.” This is how the criminals pick someone “important” from the company, who they then send phishing emails to while posing as prominent officials themselves.
She continues on by saying that no company is completely protected from ransomware or similar malware; stressing the importance of network security, data backup, and user education to an organisation.
Comprehensive multi-device protection for you and your family for up to 6 PCs, Macs, Android, and iOS devices. For more info click here.