IT staff at the University of Calgary are believed to be still poring over its IT systems for encrypted data in the wake of one of the country’s biggest disclosed ransomware attacks.

Some 100 systems were hit by the malware.

But it was just one of a leap in reported ransomware attacks here. Security vendor Trend Micro has seen a 20 per cent uptick in malicious requests to command and control infrastructure from infected machines over the last three months, said Mark Nunnikhoven, the company’s Ottawa-based vice-president of cloud research.

“That works out to a few thousand requests a day,” he said, although not all would be unique. But it would include malware contacting C&C servers for the ransomware and the servers sending back decryption keys.

Ryan Kalember, senior vice-president of cybersecurity strategy at security vendor Proofpoint, said in a statement his firm recently stopped multiple campaigns that sent hundreds of millions of messages worldwide in a single day.

Because the university has turned the incident over to police it isn’t saying anything more than carefully-worded statements by university Linda Dalgetty earlier this week.

“At this point, we do have some encrypted machines,” Dalgetty told the Calgary Herald. “We have not used any of the decryption keys.” She also said the university paid the equivalent of $20,000 in Bitcoin for the keys.

“The university is now in the process of assessing and evaluating the decryption keys,” Dalgetty said in a June 7 statement on the university’s Web site. “The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time.”

It is believed that as of Thursday it had still not used the keys.

Related Articles

Patch quickly to check ransomware, Canadian telecom industry warned

One of the best strategies to defeat ransomware is to patch systems as soon as possible, a senior official at…

June 7th, 2016 Howard Solomon

22 tips for preventing ransomware attacks

The explosion of ransomware in the past year has many infosec professionals worried because of the devastation it can wreak…

January 25th, 2016 Howard Solomon Sponsor: Acquia
Can we save the open web?
Join the creator of Drupal, Dries Buytaert, in a discussion about the web’s evolution, how we can put the power of the internet back into the hands of the people, and how you can prepare your organization.
Register Now

article, privacy, securityTagged ransomware, security strategies

Rising Ransomware Now Threatens Critical Infrastructure

Raptor’s Amir Johnson passes three social media lessons to CIOs