A ransomware attack against the University of Calgary prompted the institution to pay $20,000 to regain access to its own email system.
This type of attack involves an unknown cyber-attacker locking or encrypting computers or computer networks until a ransom is paid, and when it is, keys, or methods of decryption, are provided.
The attacks started at the end of May, locking staff, students and faculty out of their emails. Now that a ransom has been paid, the university hopes it can regain control of its systems quickly.
“The university is now in the process of assessing and evaluating the decryption keys.” said Linda Dalgetty, Vice-President, Finance and Services, in a press release. “The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time.”
Dalgetty says while its unfortunate to have to pay the ransom, the university can't risk losing critical data.
"We are a research institution, we are conducting world class research daily and we don't know what we don't know in terms of who's been impacted and the last thing we want to do is lose someone's life's work," she said.
Even though the university paid the ransom, it still contacted the Calgary Police Service to launch a criminal investigation.
“This attack is part of a disturbing global trend of highly sophisticated and malicious malware attacks against organizations including NASA, law enforcement agencies and large health-care institutions,” said Dalgetty.
Email was available for faculty and staff as of Monday, June 6, and there is no indication that any personal or other university data was released to the public.
