Lessons learned at U of C as ransomware attack foiled
The ransomware virus that devastated global computer networks last week saw its insidious tendrils hit a handful of University of Calgary emails, officials say.
But nearly a year after being targeted by a massive malware attack that forced the university to pay out a $20,000 ransom in untraceable Bitcoins to shadowy hackers, the latest cyberattack was quickly snuffed out before it had a chance to do any serious damage, said Linda Dalgetty, the school’s vice-president of finance and services.
“We had some very limited impact — less than 10 emails came in,” Dalgetty said. “Since last May we’ve done so much work on our network and monitoring tools ... that it was immediately seen and quarantined .”
Last Friday, the Wanna Cry ransomware virus infected more than 230,000 computers in 150 countries, encrypting files and demanding ransom payments in Bitcoin in 28 languages. Among the most affected organizations globally was Great Britain’s National Health Service, which saw some 70,000 computers hit, resulting in major disruptions at hospitals.
Canada seems to have largely been missed by the virus, but Dal getty said a handful of emails thought to contain the Microsoft Windows exploit were captured and quarantined by U of C systems, potentially preventing a repeat of last year’s attack that saw more than 100 computers affected by a ransom ware attack that severed access to email, Skype and wireless access.
Dalgetty said the university is a regular target for hackers, with an average day seeing about 10 phishing attacks. But last year’s successful score by hackers has prompted officials to significantly stiffen the school’s network security.
On Monday, the Calgary police Cyber/Forensics Unit warned computer users to be aware of the virus, but noted there have been no reports of cases related to the WannaCry ransomware.
“As technology evolves, it’s important for citizens to be aware how their devices and data could be vulnerable,” said Staff Sgt. Cory Dayley.
“Quite often there are simple things that can be done to protect against a cyberattack. Unfortunately once data has already been comprised, it is difficult to restore and the loss can have an enormous impact on the victim.”
Alberta Health Services, in a statement, said its systems haven’t been affected by the WannaCry virus.
“AHS has not been impacted by the international cyberattacks targeting health care facilities and organizations. AHS takes these threats very seriously and has processes to deal with them,” the statement read.
U of C professor and computer security expert Tom Keenan said the latest large-scale cyber attack should serve as a wake-up call to both individuals and organizations who remain lax when it comes to backing up critical data and being more cautious when opening email attachments.
“Everybody right now should be patching their Windows and really it’s becoming inexcusable not to have a basic backup,” said Keenan, author of Technocreep: The Surrender of Privacy and the Capitalization of Intimacy.
“And when it comes to email, people are too quick to click and too slow to think.”
Given the scope of the latest cyber strike, Keenan said it’s questionable whether those who pay the Bitcoin ransoms will ever even receive the encryption keys for their files.
Meanwhile, Dalgetty said U of C IT teams have tracked down the “patient zero” computer in last year’s successful hack attack, which has helped bolster the institution’s cybersecurity protocols.
“The walls have been built up,” she said, noting Calgary police continue to investigate the incident.
“Really, it’s not only IT people and service providers but it’s also individuals understanding what cybercrime is and how to spot it.”