Ransomware Thieves Cost Canada University C$20,000 In Bitcoin (itworldcanada.com) 87
dkatana writes: The University of Calgary paid C$20,000 ransom this week after an attack on May 28 targeted computers used by staff and faculty members, crippling multiple systems and encrypting data files and email accounts. After determining that they were unable to recover the data the ransom was paid to "protect the quality and nature of the information we generate at the university," said an official in a press release.
The fact that higher education institutions are now being targeted by ransomware is raising serious questions about their ability to protect their data and critical information systems.
IT World Canada has more details, noting that the university has reported the incident to the police, and that Trend Micro "has seen a 20% uptick in malicious requests to command and control infrastructure from infected machines over the last three months" -- several thousand requests a day.
The fact that higher education institutions are now being targeted by ransomware is raising serious questions about their ability to protect their data and critical information systems.
IT World Canada has more details, noting that the university has reported the incident to the police, and that Trend Micro "has seen a 20% uptick in malicious requests to command and control infrastructure from infected machines over the last three months" -- several thousand requests a day.
Re: Florida shooting travesty. Pray for victims. (Score:1)
I'm not the douchebag AC you replied to. Slashdot was once exactly the place for news like this. It was just about the only site that stayed up on 9/11. Slashdot was up and providing updates while even CNN was basically offline. It's a strange decision to not post a story about the Orlando shooting in the context of other mass shooting ls that Slashdot has posted about. The relevance to the site is debatable, though. And not posting a story is hardly disrespectful, despite the troll who keeps spamming about
Re: (Score:2)
Maybe because we get pissed about idiots who post their bullshit in stories that have nothing to do with them. For some odd reason such twits didn't exist 10 years ago.
Maybe 'cause the relevant people didn't know how to use a keyboard yet.
Re: (Score:2)
Depending on the amount of bitcoins you have that would actually affect the market price of the remaining bitcoins.
Hmm... what does happen to bitcoins that are "lost" somehow, anyway?
Re: (Score:2)
Military are there to kill and to die. it's just their job.
Re: (Score:2)
It isn't just backup software. It is implementation, and the 3-2-1 system, with inherent resistance to malware. Even if one doesn't use tape or cloud, devices like Isilons offer functionality like SmartLock which gives WORM functionality to a directory to ensure that snapshots remain around for a period of time, even if mayhem ensures everywhere else but a physical console.
With cloud backups, S3 isn't cheap, but it is decent for offsite storage, especially with so many client side encryption APIs availabl
Backup (Score:2)
Re:Backup (Score:4, Informative)
First, you have to be careful to keep enough backups to avoid the backups getting encrypted and still have an unencrypted copy close enough to the event.
Second, I support not paying for the same reason I don't want to pay kidnappers - it just encourages them to keep doing it.
Third, I hope they make it a student project to track down those that received the ransom..
Getting back on topic. It's very cheap today on a per gigabyte basis. However, most universities will have so much that the raw bill ends up pretty expensive.
Re: (Score:3)
C$20,000 invested before the fact would have procured a fairly substantial ZFS storage pool.
Snapshots don't cost much in marginal storage unless the dataset churns vigorously.
Re: (Score:3)
But you don't have guaranteed snapshot retention with ZFS, and unless you have less than 50% disk usage you can still get screwed over. We use BTRFS snapshots on our backup system with rsync, and there are still a number of real risks for our small company. These risks are generally known, and we think we have an acceptable restore window -- basically a day for phones, accounting, and copy/print services, and 1-4 hours for the file server.
Virtualizing should improve things some, but not everything can be
Re: (Score:2)
I like having two NAS systems. One the primary, and one just for backups which either deduplicates (like a Data Domain appliance), or stashes deduplicated data (wherever the Veeam repo sits.) With snapshots on the primary for fast recovers should Locky come a knocking, this will help mitigate a ransomware threat. Of course, some form of offsite storage is a must, but one can use what works for them the best, be it tape, cloud, or maybe an external HDD that is used to dump critical files from the share, t
Re: (Score:2)
C$20,000 invested before the fact would have procured a fairly substantial ZFS storage pool.
Irrelevant. This is a Canadian post-secondary institution we're talking about here. As a former IT employee of such an institution (and despite U of C's connection to Theo de Raadt) I can assure you that a) the backup systems in place are virtual miles away from anything resembling free or open source, and b) purchased and licensed at a cost that is many times higher than $20,000.
Canadian post-secondary IT is well-enough funded to afford whatever the conference sponsors are pushing. Executive would do well
Re: (Score:2)
Why are they running Windows?
Re: (Score:2)
Depends on how much data. At the low end, you can buy a NAS for $100-1000, like a Synology or QNAP model, add drives and attach it to AD or your LDAP server. From there, you can use S3, Azure, or another cloud storage provider for offsite storage. For additional peace of mind, have two NAS models, one whose job is to receive backups from the primary NAS, which provides for 3-2-1 backups (three copies, two on different media, one offsite) with S3. To boot, these NAS models offer encryption, so nothing hi
Obligatory. Sorry, eh. (Score:2)
I bet they're sorry now.
Sorry.
Re: (Score:2)
$20K is nothing (Score:1)
It's just oee students semester of tution fees.
Re:$20K is nothing (Score:4, Informative)
American universities can easily get to $20k/semester.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I think you answered your own question. You pay out if it's cheaper than the amount of lost data (plus any extra downtime that restoring from backup would cause over decrypting all the files, I guess). I assume that UofC officials are competent to make that call.
This might be what kills bit coin (Score:2)
Re: (Score:2)
Re: (Score:1)
This is the part that I don't understand though. The transaction paying the ransom is recorded in the public ledger. Everybody can see the wallet the ransom was deposited into. Everybody can track all the transactions in and out of that wallet. When dealing with large amount of cash, it is unlikely the criminals will be paying for a sandwich here and there using this money. At some point, they need to sell these bitcoins in bulk and get cash in return and we will see all the transactions that led to that. W
Re: (Score:2)
Bitcoin tumbling. Enter dirty bitcoin, exit squeaky clean bitcoin.
Re: (Score:2)
Find these fuckers and execute them live on PPV. Maybe that would put a damper on this shit.
I have a musical suggestion [spotify.com] for you.
Re: (Score:1)
But how many Bitcoins would it cost to watch that?
Re: (Score:2)
Oh Donald...you silly.
Re: (Score:2)
Stop. Using. Computers.
Sent from my telegraph.
Use of insecure OS costs Canada University $2k. (Score:1)
Re: (Score:3)
Re: (Score:1)
...and the stupid morons paid up (Score:3)
...and the stupid morons paid up so they will just encourage them more.
Re: (Score:2)
>> if it would cost you $1.5 million to recreate the data lost
Nope, I'd start over and implement a backup policy this time round.
Comment removed (Score:4, Insightful)
Re: (Score:2)
Remember the IT member who told you, "Hey, this is insecure, we should change this" And you blew him off because you didn't want the expense or didn't care, or thought it would never happen, or thought you knew better?
More likely the IT member said "Hey, this is secure, we should buy it", and executive signed off on yet another inflated IT capital expenditure, because hey, information security is worth the price you pay. In my experience no amount of belt tightening in Canadian post secondary has kept IT from having their expensive toys. No exec wants to be in U of C's position right now, and knowing little about how IT works, they generally capitulate when IT comes with their hand out.
Paying ransoms should be outlawed (Score:2)
Re: (Score:2)
Dane-Geld (Score:1)
It is always a temptation to an armed and agile nation
To call upon a neighbour and to say: --
"We invaded you last night--we are quite prepared to fight,
Unless you pay us cash to go away."
And that is called asking for Dane-geld,
And the people who ask it explain
That you've only to pay 'em the Dane-geld
And then you'll get rid of the Dane!
It is always a temptation for a rich and lazy nation,
To puff and look important and to say: --
"Thou
BS (Score:2)
... serious questions about their ability to protect their data and critical information systems.
What a stupid thing to say. It isn't lack of ability - universities, of all places would have the experts or easy access to experts in other places to handle security. It is a question of taking the risk serious enough to spend the time and poney. I suspect many universities, or certainly their management, still don't think they have much worth stealing; after all, ideas and research are traditionally shared openly by the scientific community, and that is the real treasure owned and produced by universitie