A Canadian university has paid a ransom fee of $20,000 CDN following a ransomware attack against its computer systems. Linda Dalgetty, Vice-President of Finance and Services at the University of Calgary, announced the ransom payment on Tuesday in a statement posted to the school's website:
"As part of efforts to maintain all options to address these systems issues, the university has paid a ransom totalling about $20,000 CDN that was demanded as part of this 'ransomware' attack.... Ransomware attacks and the payment of ransoms are becoming increasingly common around the world. The university is now in the process of assessing and evaluating the decryption keys. The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time."
The University of Calgary The trouble began on May 28, when the university first began receiving complaints of issues affecting its email for faculty and staff, Skype, wireless servers, and other systems. UCalgary's IT teams successfully restored access to many of the school's networks and applications after a few days, though some of its servers, Skype service, and faculty email system remained affected for longer periods of time. On Monday, the IT department made email once again available for faculty and staff. University officials at this time do not know who caused the ransomware attack, but Dalgetty told CBC News they do have some basic information about the attacker(s):
"What we do know is that when we first identified the encryption, we did get a ransom note. So that's how we knew it was ransomware. And we also knew that it was likely someone external who had likely planted that ransomware.
While the University of Calgary begins its analysis of the decryption keys, the Calgary police continues its investigation of the attack. This is not the only time an organization has decided to pay tens of thousands of dollars following a ransomware attack. Back in February, administrators at the Hollywood Presbyterian Medical Center in southern California paid attackers $17,000 USD to reclaim access to their computer system.
