Cyber attackers around the world can bring in up to $200,000 in ransoms a day from attacks like the one on the University of Calgary, Calgary police say.
Such attacks are on the rise, and U of C is one of the largest Canadian organizations to admit it was victimized. The university said Tuesday it paid $20,000 to preserve an option to restore critical research data. Anonymous cyber attackers had knocked out about 9,000 email accounts for faculty and staff, which impacted communication with students for days.
“We suspect that there are quite a few individuals and businesses in Calgary that have been hit by ransomware,” Calgary Police Insp. Ryan Jepson said. “We encourage anyone who has been hit by something like that to report it to police, that way we have a better understanding of what’s out there so we can better align our resources to respond to that type of event.”
Calgary’s Kensington Wine Market paid a $500 ransom in the past, then spent thousands beefing up its security.
The Canadian Anti-Fraud Centre, a joint project of police forces and the federal government, says ransomeware attacks can be hard to trace. The centre has received 110 ransomware-related complaints so far in 2016.
Watch below: Global’s coverage of the University of Calgary ransomware attack
RCMP Cpl. Josee Forest said it’s best not to pay ransom, because there is no guarantee computers will be freed up and victims could face more demands for more money. She said there are good prevention measures, such as frequently backing up computers on separate hard drives.
“While the RCMP does not support paying a ransom as it encourages criminality, there is an understanding that when an individual or a business is unable to access their digital files, they have to evaluate the associated risks and may decide to assume those risks,” an RCMP spokesperson added in a release.
A security report earlier this year from Symantec said the number of ransomware attacks around the world increased by 35 per cent last year from 2014.
The trend has spread to a variety of operating systems and as well as mobile devices.
“What’s your choice? Taking the moral road and saying, ‘I’m not going to pay because of this? Or saving your livelihood?
“It’s a very, very tough choice to make,” said Carl Fransen, with CTECH Consulting Group.
Calgary police said they don’t encourage or discourage paying ransoms, but advised people to watch what they click on, run backups, and keep virus software up to date.
The RCMP provided the following tips to avoid ransomware:
- Never click on a pop-up that claims your computer has a virus
- Update your anti-virus software often and scan your computer for viruses regularly
- Don’t click on links or attachments in e-mails sent to you by someone you don’t know
- Turn on your browser’s pop-up blocking feature
- Never download anti-virus software from a pop-up or link sent to you in an e-mail
- Backup data regularly and secure your backups
- If you’ve received a ransomware message, please contact the Canadian Anti-Fraud Centre at 1-888-495-8501 to report it. If you have been a victim of a fraud, contact local police or RCMP.
With files from Global’s Reid Fiest and The Canadian Press