Canadian university pays $20K in bitcoin following ransomware attack

Information and Communications Technology Building – University of Calgary – Calgary, Alberta, Canada.

A Canadian university paid $20,000 ransom in “untraceable” bitcoins to hackers who crippled more than 100 campus computers with ransomware, according to local media reports.

The University of Calgary (U of C), in Alberta, agreed to pay the ransom to make sure critical systems affected in the May 28 cyberattack could be restored, said Linda Dalgetty, the university’s VP of finance and services, to the Calgary Herald Tuesday.

However, it will take IT staff at the institution some time to apply the encryption keys to the locked machines, she said.

The CBC reported the hack targeted only U of C staff and faculty emails; however, students were among those warned not to use university-issued computers and could not access email. As of this past Monday, email was available for faculty and staff. There was no indication that personal or other university data had been compromised.

University of Calgary Vice-President (Finance and Services) Linda Dalgetty

The U of C decided to pay the ransom “because we do world-class research here…and we did not want to be in a position that we had exhausted the option to get people’s potential life work back in the future if they came today and said, ‘I’m encrypted, I can’t get my files,’” said Dalgetty, as reported by the CBC. “We did that solely so we could protect the quality and the nature we generate at the university.”

As for why the U of C disclosed it paid the ransom as well as the amount, Dalgetty told the Herald it was an aim to be transparent. “We’re a public sector organization and we pride ourselves on our openness.”

However, she said no information will be released about the nature of the breach, specific moves to address it or how or if the hacker-provided decryption keys will be employed.

Calgary police are investigating the cyberattack.

News of the ransomware payment coincided with the release of survey findings showing one in five medium to large UK business have no contingency plan in the event of a ransomware attack, while nearly half fail to back up their company data at least once a day.

The Citrix-commissioned survey, whose results were published by the online magazine Professional Security, asked 250 IT security specialists in companies with at least 250 employees across the UK about their strategies to counter cyber and ransomware attacks.

One-third of respondents said their businesses are now stockpiling digital currency such as bitcoin in case of a ransomware attack, with more than 35 percent of large companies (with 2,000+ employees) willing to pay more than £50,000 to retrieve access to pertinent intellectual property or business critical data.

Smaller businesses are more likely than their larger counterparts to have a steady supply of digital currency, the survey found.

Thirty-six percent of businesses with 250-500 staff members store cryptocurrencies; 57 percent of firms with 501-1,000 employees have a stash of digital currency; and 18 percent of companies with more than 2,000 personnel see a need to bolster their cryptocurrency stockpile.

“Today’s threat landscape is more advanced, more determined and better equipped than ever before to exploit the weaknesses of organisations – many of which house a potential data goldmine,” said Citrix chief security architect Chris Mayers, as quoted by Professional Security. “This research has further highlighted the sheer volume of questions to be answered by companies across the UK, with many simply not prepared for a cyberattack that could result in the loss of mission critical data, reduced revenues and a decline in public trust.”

Image credits:

Photo of U of C’s Information and Communications Technology Building – Public domain image by Daderot

Linda Dalgetty’s photo – Via the Media Centre page of U of C’s website