Skip to main content

Kienestology Atrium on campus at the University of Calgary on Thursday, March 02, 2006.

Chris Bolin/The Globe and Mail

The University of Calgary – which says it paid a ransom of $20,000 to cyber-attackers to regain access to its e-mail system – is the latest institution to be targeted in the rapidly rising and increasingly sophisticated industry known as ransomware.

Staff at the university successfully isolated some of the attack and were working to get computer systems fully operational, the institution said in a news release Tuesday.

Calgary police are investigating.

Story continues below advertisement

Linda Dalgetty, a University of Calgary vice-president, said while it is unfortunate to have to pay a ransom, the university could not risk losing critical data. "We are a research institution; we are conducting world class research daily and we don't know what we don't know in terms of who's been impacted and the last thing we want to do is lose someone's work," she said.

What is ransomware?

Ransomware is malware that encrypts files on the target's device or system, allowing the attacker to demand a ransom in order to get the encryption key to unlock the data.

How prevalent is it?

Companies, institutions such as hospitals and universities, and even law firms are increasingly being targeted in ransomware attacks.

Among recent victims are Kansas Heart Hospital in Wichita, Hollywood Presbyterian Medical Center in Los Angeles, and MedStar Health in Washington, D.C.

Network services provider Infoblox says there was a 35-fold increase in observations of ransomware-related domains in the first quarter of 2016.

Story continues below advertisement

The FBI recently disclosed that ransomware victims in the U.S. reported costs of $209-million (U.S.) in the first quarter of 2016, up dramatically from $24-million for all of 2015, according to Infoblox.

What should an institution do in the event of an attack?

Institutions often find they have no choice but to pay the ransom to get their data back.

Some companies have even been stocking up on bitcoins in the event they are targeted and need to pay up.

But some cyber-security experts say paying the ransom only encourages attackers.

Hollywood Presbyterian tried to thwart its attackers by switching to paper medical records and forms but ended up paying about $17,000 in bitcoins to get its systems back up.

Story continues below advertisement

In some cases, a one-time payment isn't enough. "Unfortunately, even when organizations have paid up, attackers have been known to ask for more money," said Chris Mayers, chief security architect at Citrix Systems Inc. in London.

How do you guard against attack?

"Tight security measures, up-to-date software, user best practices and clean, protected backup data" are needed, says Infoblox.

Updating staff on preventive measures is also critical, experts say.

"Anti-virus technologies are being improved," said Mr. Mayers.

So-called cyber-insurance to help cover losses related to ransom and cleanup is also available.

Story continues below advertisement

With files from The Canadian Press

Report an error Editorial code of conduct
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • All comments will be reviewed by one or more moderators before being posted to the site. This should only take a few moments.
  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed. Commenters who repeatedly violate community guidelines may be suspended, causing them to temporarily lose their ability to engage with comments.

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.
Cannabis pro newsletter