The University of Calgary confirms that it has paid a ransom of $20,000 to preserve its research data after a recent cyberattack took the school’s network hostage.
In a news release published Tuesday, the school said that it has managed to isolate parts of the cyberattack and that it is working to make sure that its computer systems remain functional.
There was no indication that the attack, which utilized so-called “ransomware”, released any sensitive personal data to the public, said university vice president Linda Dalgetty.
Ransomware works by either locking or encrypting computers or computer networks until a ransom is paid. Once the hacker is paid, he or she then relinquishes the keys or the means to lift the lock out of the systems.
“We are a research institution, we are conducting world-class research daily and we don’t know what we don’t know in terms of who’s been impacted. The last thing we want to do is lose someone’s life’s work,” Dalgetty said, explaining the reason why the school chose to pay the ransom.
According to The Globe and Mail
, the attacks began in late May. The cyberattack was so severe, that it had locked out staff, students and faculty out of their emails. The University of Calgary’s IT department has since restored the functionality of the affected email accounts.
A joint alert between the Canadian Cyber Incident Response Centre and the U.S. Department of Homeland Security was issued early this year warning about the spread of such ransomware.
“This attack is part of a disturbing global trend of highly sophisticated and malicious malware attacks against organizations including NASA, law enforcement agencies and large health-care institutions,” the school said in a statement.
With the threat of ransomware set to increase over time, businesses and organizations will need cyber security insurance to cover for any damages or losses suffered as a result of such cyberattacks. More importantly, data backup plans need to be set in place so that companies and/or organizations have a contingency plan in the event of a debilitating hack.
What brokers can learn from cheaters