Dutch university paid blackmailers about 1 000 000 PLN

It has just come to light that a Dutch university paid a certain hacker the equivalent of about 1 million PLN in exchange for decrypting [...] https://www.pinterest.com/pin/1085437947660215829/

It has just come to light that a Dutch university paid a hacker the equivalent of about PLN 1 million in exchange for decrypting its databases. Foreign media have already written about the case. Why are we mentioning this? Because it is yet another example of how important institutions take storing important information lightly. University in trouble The authorities of Maastricht University will not have pleasant memories of the end of 2019. It turns out that in December a hacker used ransomware to attack the university's database. As a result of his actions, he encrypted nearly 300 servers. Of course, the cybercriminal didn't do it to have another stupid prank on his credit. It was all about ransomware. The result of his actions? The backups were either gone or not working well. The university systems themselves would also have to - as it soon turned out - be installed from scratch. This would be possible, but let's remember that we are not talking about reinstalling Windows on a regular PC. As the authorities of the institution admit, this process would take "many months". The hacker demanded as much as 30 Bitcoins for decrypting the data. Reportedly, the head of Maastricht University decided that this was the only reasonable solution in this situation. So the cryptocurrency stake was paid. (If the hacker was a "hodler" he made quite a bit of money on this, considering how much 1 BTC was paid in December and how much is paid today.) On January sixth, students and faculty returned to their classes... Mistakes The university authorities and its IT department seem to have a lot to blame themselves for. A summary of the incident can be found here. The university beats itself in the chest and enumerates its sins: Failure to adequately respond to phishing emails, Lack of proper network segmentation, Better organization of backups is needed (ransoware was able to encrypt some backups), Need better organization of update uploads, Need better monitoring of network activity in terms of security. This is not the first such incident and situation where a cyber criminal wants BTC in exchange for help. Such attacks will feed on each other. That's for sure. It also shows that the authorities of institutes or companies are not taking proper care of their data security. Tags hacker ransomware in BTC data encryption university