University pays $20,000 in ransomware attack

The ransomware plague has hit the University of Calgary, and the academic institution did what many victims do: they paid the ransom to get the encrypted files back.

The attack on the University of Calgary

The amount they paid was 20,000 Canadian dollars, in Bitcoin, and they received the decryption keys that – according to Linda Dalgetty, the University’s VP of finances and services – work as they should.

“The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time,” she pointed out.

“The university is working with various experts in this field, and because this was a criminal act, the Calgary Police Service has been brought in as part of the investigation. As this is an active investigation, we are not able to provide further details on the nature of the attack, specific actions taken to address it, or how or if decryption keys will be used.”

According to the Calgary Herald, the attack happened in late May, and affected over 100 computer systems, as well as the University’s email, Skype, wireless networks and other services.

CBC News reports that the University decided to pay the ransom because they do world-class research and they did not want to be in a position that they had exhausted the option to get people’s potential life work back.

“We did that solely so we could protect the quality and the nature of the information we generate at the university,” Dalgetty said.

She also noted that there is no indication that any personal or other university data was released to the public by the attackers.

The problem with ransomware

Ransomware started as a threat directed against individual end users, but it didn’t take long for attackers to realize that businesses, police departments, academic and healthcare institutions are way better targets

Any organization that has data crucial to its functioning and does a poor job of backing it up will pay much more than a single user would to get their files back.

Law enforcement and government agencies have repeatedly urged victims not to pay the ransom but, realistically, not everybody can afford to do that. There have been instances where police departments have been hit with ransomware, and even they gave in and paid the asked-for ransom.

Regularly backing up important files is the only way to make sure that if you’re hit with ransomware you’ll be able to say no to the crooks’ demands.

But some companies and organizations have also begun stockpiling cryptocurrency so that they have some at hand if they ever get hit.

No doubt about it – ransomware is a lucrative business, and is likely to continue to be so until we find a better solution to the problem.

Don't miss