Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Bitcoin Botnet Canada Security

Ransomware Thieves Cost Canada University C$20,000 In Bitcoin (itworldcanada.com) 87

dkatana writes: The University of Calgary paid C$20,000 ransom this week after an attack on May 28 targeted computers used by staff and faculty members, crippling multiple systems and encrypting data files and email accounts. After determining that they were unable to recover the data the ransom was paid to "protect the quality and nature of the information we generate at the university," said an official in a press release.

The fact that higher education institutions are now being targeted by ransomware is raising serious questions about their ability to protect their data and critical information systems.

IT World Canada has more details, noting that the university has reported the incident to the police, and that Trend Micro "has seen a 20% uptick in malicious requests to command and control infrastructure from infected machines over the last three months" -- several thousand requests a day.
This discussion has been archived. No new comments can be posted.

Ransomware Thieves Cost Canada University C$20,000 In Bitcoin

Comments Filter:
  • by zm ( 257549 )
    How much would an automated (offsite) backup cost them?
    • Re:Backup (Score:4, Informative)

      by Firethorn ( 177587 ) on Sunday June 12, 2016 @02:28PM (#52300469) Homepage Journal

      First, you have to be careful to keep enough backups to avoid the backups getting encrypted and still have an unencrypted copy close enough to the event.

      Second, I support not paying for the same reason I don't want to pay kidnappers - it just encourages them to keep doing it.

      Third, I hope they make it a student project to track down those that received the ransom..

      Getting back on topic. It's very cheap today on a per gigabyte basis. However, most universities will have so much that the raw bill ends up pretty expensive.

      • by epine ( 68316 )

        C$20,000 invested before the fact would have procured a fairly substantial ZFS storage pool.

        Snapshots don't cost much in marginal storage unless the dataset churns vigorously.

        • But you don't have guaranteed snapshot retention with ZFS, and unless you have less than 50% disk usage you can still get screwed over. We use BTRFS snapshots on our backup system with rsync, and there are still a number of real risks for our small company. These risks are generally known, and we think we have an acceptable restore window -- basically a day for phones, accounting, and copy/print services, and 1-4 hours for the file server.

          Virtualizing should improve things some, but not everything can be

          • by mlts ( 1038732 )

            I like having two NAS systems. One the primary, and one just for backups which either deduplicates (like a Data Domain appliance), or stashes deduplicated data (wherever the Veeam repo sits.) With snapshots on the primary for fast recovers should Locky come a knocking, this will help mitigate a ransomware threat. Of course, some form of offsite storage is a must, but one can use what works for them the best, be it tape, cloud, or maybe an external HDD that is used to dump critical files from the share, t

        • C$20,000 invested before the fact would have procured a fairly substantial ZFS storage pool.

          Irrelevant. This is a Canadian post-secondary institution we're talking about here. As a former IT employee of such an institution (and despite U of C's connection to Theo de Raadt) I can assure you that a) the backup systems in place are virtual miles away from anything resembling free or open source, and b) purchased and licensed at a cost that is many times higher than $20,000.

          Canadian post-secondary IT is well-enough funded to afford whatever the conference sponsors are pushing. Executive would do well

    • Why are they running Windows?

    • by mlts ( 1038732 )

      Depends on how much data. At the low end, you can buy a NAS for $100-1000, like a Synology or QNAP model, add drives and attach it to AD or your LDAP server. From there, you can use S3, Azure, or another cloud storage provider for offsite storage. For additional peace of mind, have two NAS models, one whose job is to receive backups from the primary NAS, which provides for 3-2-1 backups (three copies, two on different media, one offsite) with S3. To boot, these NAS models offer encryption, so nothing hi

  • I bet they're sorry now.

    Sorry.

    • by ark1 ( 873448 )
      I doubt, 20K for a large organisation is nothing. The only thing they probably don't want is too much publicity but when you are a publicly funded institution you have to be transparent.
  • by Anonymous Coward

    It's just oee students semester of tution fees.

  • This keeps up they're gonna start inconveniencing people who matter. There's a reason they use bit coin for this. It's harder to trace and easier to launder.
    • No, people who cannot spell "Bitcoin" is what kills Bitcoin.
    • by Anonymous Coward

      This is the part that I don't understand though. The transaction paying the ransom is recorded in the public ledger. Everybody can see the wallet the ransom was deposited into. Everybody can track all the transactions in and out of that wallet. When dealing with large amount of cash, it is unlikely the criminals will be paying for a sandwich here and there using this money. At some point, they need to sell these bitcoins in bulk and get cash in return and we will see all the transactions that led to that. W

  • by JustNiz ( 692889 ) on Sunday June 12, 2016 @04:28PM (#52300953)

    ...and the stupid morons paid up so they will just encourage them more.

  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) on Sunday June 12, 2016 @04:38PM (#52301007)
    Comment removed based on user account deletion
    • Remember the IT member who told you, "Hey, this is insecure, we should change this" And you blew him off because you didn't want the expense or didn't care, or thought it would never happen, or thought you knew better?

      More likely the IT member said "Hey, this is secure, we should buy it", and executive signed off on yet another inflated IT capital expenditure, because hey, information security is worth the price you pay. In my experience no amount of belt tightening in Canadian post secondary has kept IT from having their expensive toys. No exec wants to be in U of C's position right now, and knowing little about how IT works, they generally capitulate when IT comes with their hand out.

  • Canada should outlaw paying ransoms. In any case, outlaw paying for government institutions! I am a Canadian taxpayer and I do not want a university to support criminals. Let them just eat the loss if they haven't had backups.
  • by Anonymous Coward

    It is always a temptation to an armed and agile nation
    To call upon a neighbour and to say: --
    "We invaded you last night--we are quite prepared to fight,
    Unless you pay us cash to go away."

    And that is called asking for Dane-geld,
    And the people who ask it explain
    That you've only to pay 'em the Dane-geld
    And then you'll get rid of the Dane!

    It is always a temptation for a rich and lazy nation,
    To puff and look important and to say: --
    "Thou

  • ... serious questions about their ability to protect their data and critical information systems.

    What a stupid thing to say. It isn't lack of ability - universities, of all places would have the experts or easy access to experts in other places to handle security. It is a question of taking the risk serious enough to spend the time and poney. I suspect many universities, or certainly their management, still don't think they have much worth stealing; after all, ideas and research are traditionally shared openly by the scientific community, and that is the real treasure owned and produced by universitie

Keep up the good work! But please don't ask me to help.

Working...