University of Calgary Case Demonstrates Demands For Computer 'Ransom'

Steve Lambert, The Canadian Press
Published Wednesday, June 8, 2016 3:25PM EDT

Ransomware attacks, such as one that recently saw the University of Calgary pay cyber criminals $20,000 to unlock its computer systems, are on the rise around the globe.

Government and industry experts say at small businesses, at hospitals and even at home, more people are suddenly finding their computer systems locked with screens displaying a demand for money to free them up.
Dutch Growers, a Saskatoon gardening centre, was hit in 2013. It's not clear how its computer system was infected, but co-owner Rick Van Duyvendyk said the company was faced with a demand for $5,000.
"There was a thing that came up on our screen that said .... 'we've shut you down'," he recalled Wednesday.

The gardening centre brought in two information technology consultants to crack the lock, but they could not. Still, Van Duyvendyk refused to pay the ransom.
"I just figured that if I paid them, I'd probably never see them and probably still never get it fixed.

University of Calgary vice-president Linda Dalgetty said this week that the school paid its $20,000 ransom demand because it wanted to ensure research and other important work was not wiped out.
Such a potential pay day, and the fact ransomware attacks are hard to trace, are behind the growing popularity of the crimes.
According to an Internet security report by Symantec in April, the number of ransomware attacks around the world increased by 35 per cent last year from 2014. The trend has spread to a variety of operating systems and mobile devices.

The attacks often stem from an infected email attachment or app that seizes control of a computer. Victims can face demands for hundreds or thousands of dollars to unlock their computers and retrieve documents, photos or other items.

The Canadian Anti-Fraud Centre, a joint project of police forces and the federal government, says the attacks originate across the globe and involve a wide variety of operations.
"It can be one, two or three (people) or they can have a bigger setup, which we call boiler rooms," said RCMP Cpl. Josee Forest, manager of the organization's call centre.

The centre advises victims not to pay ransoms. The money helps fund criminal operations, there is no guarantee the criminals will free up locked computers and there may be more demands for more.
Cyber-security experts and victims such as Van Duyvendyk say there are key preventative measures: keep security software updated and don't open strange attachments and programs.

And backup computers regularly to a drive that is not kept plugged into the system, thereby protecting it from infection.
Van Duyvendyk said his system was partially backed-up and it still took him a long time to have everything restored.
"It probably took us about three months to get everything back to where it was."