Queen's University pays cash to hackers in ‘ransomware' attack
QUEEN'S University Belfast paid out cash to cyber hackers after its computers were targeted in a 'ransomware' attack.
The case is among dozens of cyber attacks on public institutions in the past year revealed in new records obtained by The Irish News.
Computer security experts last night described the issue as a "huge concern" and the PSNI urged victims to "contact police as soon as possible".
Ransomware is a computer virus that locks down data stored on an infected machine and demands payment before allowing the user to regain access to their information.
Queen's has suffered three ransomware attacks in the last academic year alone, details obtained through Freedom of Information (FOI) requests reveal.
On one occasion a £400 ransom was paid after hackers targeted a PC running Windows XP and encrypted documents and images.
All encrypted files were recovered once the ransom was paid.
In its FOI response Queen's said its policy is that ransoms should not be paid, and the £400 payment was "an exception".
Ulster University has identified 22 ransomware attacks since June last year.
Systems used by individuals were affected on 18 occasions and in four instances the cyber attack affected the networked file shares used by a university department.
The university said data was normally restored through a backup service and on no occasion was ransom paid in return for the release of data.
Several councils in the north have also revealed that they have been targeted by ransomware.
Belfast City Council has been targeted twice, Lisburn and Castlereagh twice, and once in both Derry and Strabane council and Armagh Banbridge and Craigavon council.
None of the four local authorities paid the ransom demanded by the cyber criminals.
David Crozier, technical marketing manager of the Centre for Secure Information Technologies at Queen's University, said the ransomware attacks were a "huge concern".
He said the issue affects public bodies but also businesses in Northern Ireland that may be inclined to pay the ransom demanded.
"There is a huge underreporting of these types of activities. It's probably a bigger concern in Northern Ireland where you have a large number of small and medium-sized enterprises," he said.
"Unfortunately when companies pay they're put on sucker's lists so that they're repeatedly targeted.
"Our advice would be never pay the ransom and always report it to law enforcement."
Detective chief inspector Dougie Grant, from the PSNI's cyber centre, said: "We have received a significant number of reports in relation to this type of cyber crime in recent months which is reflective of what is going on nationally and internationally and I would encourage anyone who is a victim to contact police as soon as possible.
"Many of these incidents are as a result of widespread malicious communications and there are a number of steps local businesses and industry can take to protect themselves.
"The two most important things to do are to ensure your network has an effective back-up system in place and also, do not open or click on any suspicious or unexpected communications."
Mr Grant urged people to report the problem to police.
"Reporting helps us tackle these types of incident and crimes as well as identifying areas of concern and patterns of cyber incidents and may also assist in identifying and prosecuting offenders," he said.