A university in Canada has publicly revealed that it has paid hackers the ransom fee they demanded in order to regain access to data stored on computers and servers on its campus network.
“As part of efforts to maintain all options to address these systems issues, the university has paid a ransom totalling about $20,000 CDN that was demanded as part of this “ransomware” attack.”
The University of Calgary admitted that it had transferred 20,000 dollars of Canadian currency into Bitcoin after both onsite and external IT security experts were unable to undo or remove the malware that hackers had encrypted the machines with.
In a statement released on the Calgary University website, Linda Dalgetty, Vice-President, Finance and Services said:
“As has been communicated over the past 10 days, the University of Calgary experienced a cyberattack that impacted its systems. This attack is part of a disturbing global trend of highly sophisticated and malicious malware attacks against organizations including NASA, law enforcement agencies and large health-care institutions. UCalgary IT teams have been working around the clock to address systems issues caused by the attack, and regular updates have been provided to the campus community. “
In an unrelated and coincidental move of irony, Intel announced in the same week that they were becoming increasingly concerned with the ever increasing number of ransomware infections and the ease of use with which a ransomware attack could be launched.
As is now considered standard practice amongst ransomware hackers, Calgary University found that hackers had managed to encrypt over a 100 computers on their internal network and would not send on the decryption codes unless their payment demands were met.
Victims of such an attack invariably find themselves with little option but to pay the ransom, or lose all their data.
According to Dalgetty, the university is now “in the process of assessing and evaluating the decryption keys. The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time..”
At the time of writing, the university also said that there was so far no indication or evidence that suggested any confidential, university, or personal data information had been or would be released to the public.
Time will tell.