3 min read

University of Calgary pays $15,000 to criminal ransomware attackers

Graham CLULEY

June 08, 2016

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
University of Calgary pays $15,000 to criminal ransomware attackers

 

What happens if you pay give in to criminal demands? Simple – the criminals keep committing crimes.

But what happens if you get struck by a ransomware attack, and don’t have proper backups to restore your precious data? Potentially you’re stuck in a quandary.

No-one likes to send a message to malicious hackers that crime pays, but that sadly is what the University of Calgary appears to have done.

Yesterday, in a press release, Vice President Linda Dalgetty revealed that approximately $20,000 CDN (US $15,600) had been paid to extortionists who had hit the Canadian university’s systems with a vicious ransomware attack.

Problems started for the University of Calgary a week-and-a-half ago, when a malware attack disrupted the campus’s email, Skype, wireless networks and Active Directory systems.

As the local media reported at the time, classes continued as normal but staff were warned not to use any university-issued computers and to stay off University of Calgary networks.

Clearly, despite their best efforts in the wake of the attack, the university’s IT team was unable to achieve a proper recovery. And so, the university paid the ransomware attackers’ Bitcoin ransom:

“As part of efforts to maintain all options to address these systems issues, the university has paid a ransom totalling about $20,000 CDN that was demanded as part of this “ransomware” attack. A ransomware attack involves an unknown cyberattacker locking or encrypting computers or computer networks until a ransom is paid, and when it is, keys, or methods of decryption, are provided. Ransomware attacks and the payment of ransoms are becoming increasingly common around the world.”

And the university is right. A lot of people are choosing to pay extortionists after their computer systems are compromised, and their data locked up with uncrackable encryption algorithms.

The rise of ransomware has been one of the biggest computer stories of the last couple of years, and has proven an effective way for online criminals to make a vast amount of money.

And much as it leaves an unpleasant taste in the mouth to give in to cybercriminals, I am sympathetic with businesses who find themselves having to make the pragmatic decision to pay up in order to stay in business.

Of course, that’s not the complete end to the story.

As Dalgetty describes, even with the decryption keys handed over by the cybercriminals, full recovery of encrypted data might take some time:

“A ransomware attack involves an unknown cyberattacker locking or encrypting computers or computer networks until a ransom is paid, and when it is, keys, or methods of decryption, are provided. Ransomware attacks and the payment of ransoms are becoming increasingly common around the world. The university is now in the process of assessing and evaluating the decryption keys. The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time.”

As I’ve said many times before – it’s always better to be in a position of preventing a security incident rather than mopping up afterwards. With ransomware that is particularly important, as often the only way to recover your data (if precautions such as secured backups have not been made in advance) is to take the unpleasant step of paying the very people who are attacking you.

You don’t want to find yourself in the same position as the University of Calgary. Be sure to check out my tips on how to prevent your business suffering a ransomware attack before it happens to you.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read