University pays ransom following hack

A university in Canada has paid a ransom totalling about $20,000 CDN (£11,000) that was demanded following a recent ransomware attack.

The malware installed during the attack on the University of Calgary caused emails and other files to become encrypted, leading to the ransom being paid – in Bitcoins – as part of efforts to maintain systems.

In a statement the university said the expertise of its IT department allowed the university to isolate the effects of the attack and make significant progress towards restoration of the affected portions of our systems. However, the decision was taken to pay the ransom in order to speed up the recovery process.

A ransomware attack involves an unknown cyber attacker locking or encrypting computers or computer networks until a ransom is paid, and when it is, keys, or methods of decryption, are provided. Ransomware attacks and the payment of ransoms are becoming increasingly common around the world.

The statement continued: “The university is now in the process of assessing and evaluating the decryption keys. The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time.”

The attack is part of a disturbing global trend of highly sophisticated and malicious malware attacks against organisations including NASA, law enforcement agencies and large health-care institutions.

Earlier this year a survey highlighted some glaring issues surrounding data security in the public sector.

Related reading