[BreachExchange] Another Canadian uni hit by ransomware, students told to keep Windows PCs away

Audrey McNeil audrey at riskbasedsecurity.com
Tue Nov 29 20:44:04 EST 2016


http://www.theregister.co.uk/2016/11/29/canadian_uni_prey_to_ransomware/

Carleton University in Ontario, Canada, has confirmed it has been hit by a
ransomware infection that crippled some of the Windows machines on its main
campus.

Systems at the university started to go down on Tuesday, and its IT
department reported that email, network drives and the central university
student portal had all crashed. It warned those students using Windows PCs
not to access the system.

"This was ransomware," a university spokesman toldThe Register on Tuesday
afternoon. "It's hard to say at this point when the problem will be sorted
out, but it is now safe to log back in to the network."

The ransom demanded by the attackers was reportedly 39 Bitcoin (US$28,495 /
CA$38,274), but it appears as though the university hasn't paid up and is
fixing the problems internally from backups. In the meantime, it is warning
students not to pay.

"Individuals may see ransom-ware messages appear on their screens,
demanding payments via bit coins," the university's IT department warned.
"Users are asked to ignore all messages seeking a payment and are
encouraged to report these messages to the CCS Help Desk."

This isn't the first time Canadian centers of learning have been hit. In
June, the University of Calgary took a major hit from ransomware and paid
up a five-figure sum to the attackers in exchange for its files back. Such
a craven display may have encouraged today's attack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161129/44fa3204/attachment.html>


More information about the BreachExchange mailing list