CALGARY — The University of Calgary says it paid a ransom of $20,000 demanded after a recent cyberattack to preserve an option to restore critical research data.
The school said in a news release Tuesday that staff were able to isolate some of the attack and were working to ensure its computer systems are operational.
Linda Dalgetty, a university vice-president, said there's no indication that any personal data was released to the public.
Dalgetty said while its unfortunate to pay the ransom, the university could not risk losing critical data.
"We are a research institution, we are conducting world-class research daily and we don't know what we don't know in terms of who's been impacted. The last thing we want to do is lose someone's life's work," she said.
This type of attack involves an unknown cyber-attacker locking or encrypting computers or computer networks until a ransom is paid. Once it is, keys, or methods of decryption, are provided.
The attacks started at the end of May and also locked staff, students and faculty out of their emails. The university's IT department was able to restore those.
Now that a ransom has been paid, the university hopes it can regain control of its systems quickly.
Calgary police say they are investigating.
The Canadian Cyber Incident Response Centre issued a joint alert with the U.S. Department of Homeland Security earlier this year warning about the proliferation of ransomware.
It estimates that there were more than 1,600 ransomware attacks per day in 2015 against Canadians.
"This attack is part of a disturbing global trend of highly sophisticated and malicious malware attacks against organizations including NASA, law enforcement agencies and large health-care institutions," the university said.
"The university is working with various experts in this field ... We thank students, faculty and staff for their tremendous patience and understanding as we continue to work through this very challenging issue."
