The University of Calgary in Canada became the victim of a ransomware attack last week, and paid about $16,000, or $20,000 CDN, to cyberattackers, the university revealed in a statement Wednesday.
So far it does not appear that any university data was released to the public.
The university’s IT teams have been working nonstop to address systems issues caused by the attack, according to the university.
Ransomware continues to pose a significant threat to all types of institutions, both public and private. While experts warn that paying ransoms will only encourage cybercriminals, if cybercriminals ask for relatively small amounts of money, many small to medium-sized businesses would prefer to pay and get their data back more quickly than attempt to recover their data in other, more complex ways.
In February, Hollywood Presbyterian Medical Center in Los Angeles paid the equivalent of $17,000 in bitcoins to a hacker to regain control of its computer systems.
"The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key," Chief Executive Allen Stefanek said. "In the best interest of restoring normal operations, we did this."
But paying a ransom isn’t a guarantee. University of Calgary officials said the university’s systems had been down for more than a week, and that they are still working to restore them.
"It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data," the statement read. "A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time."
A report released by Kaspersky Lab last month found ransomware is now the most prolific cyberthreat of 2016. Security experts identified 14% more new ransomware malware modifications between January and March this year compared to the same period last year.