June 2016 — This time, it was the University of Calgary – a sign that ransomware attackers are increasingly choosing academic institutions as a favorite victim. IT Specialist is calling it a “successful attack,” and certainly it was successful for the ransomware-ists on multiple levels. The University, in acceding to the demands of data-rustling scum fork over the cash and keep encouraging reprobate cyber crooks to continue in their business. It seems, however, that the U. of Calgary had IT experts on hand to quickly isolate and trace the ransomware exploit’s origins, according to a report in ArsTechnica.com. No word as of yet on whether that trace successfully located the cyber thieves’ server or IP address or not.
Ransomware Gets Schooled
The school has taken the low road in choosing to pay the ransom – something that many IT experts and even the FBI are now advising against. This is due to evidence that has come about in the last year or so that paying the ransom doesn’t guarantee getting even some of your encrypted data back. Some nasty ransomware programs will encrypt and eventually destroy your data even when a payment is made.
The University of Calgary, it should be noted, is a research institution which is very averse to the idea of losing any of its hard-won data, granted. Its Vice President Linda Dalgetty pointed out in a recent article in The Globe that, “We are conducting world-class research daily and we don’t know what we don’t know in terms of who’s been impacted. The last thing we want to do is lose someone’s life work.” This may be precisely why the school unfortunately ended up paying out $20,000 CAD to the ransomware-wolves, though the University has no doubt used the occasion to bolster their cyber defenses, to preclude there ever being a “next time,” hopefully.
The almost everyday occurrence of major ransomware attacks has had organizations in at-risk industries digging in, but others are far from cyberattack readiness. Enterprising ransomware criminals have even taken the viciously cheeky step of opening up call centers where victims, confused by the protocols of how to respond to these attacks, can call and be guided through how to pay the data hostage takers in Bitcoins.
If it isn’t already stark and crystal clear to any and all organizations and business entities who do business via IT networks that they should have iron-clad data backup, recovery, and business continuity solutions in place, then one wonders what it will take for those with the means to pay hackers many thousands of dollars to pay much less and get sound IT security and data protection assurance in place.
Cyber Weapons for Cyber Wars
There’s no doubt that there is a war on for your exploitable data (especially in high-risk industries), and it isn’t going to abate until would-be victims get sufficient cyberdefense weapons in their hands and data centers. We must fight fire with fire, where ransomware and other malware variants are concerned.
If you have questions regarding preventing ransomware, PNJ Technology Partners is a proven leader in providing IT consulting and cybersecurity in Albany. Contact one of our expert IT staff at (518) 459-6712 or send us an email at firstname.lastname@example.org today, and we can help you with all of your cyber defense and security needs.