The University of Calgary has admitted to paying out $20,000 in Canadian dollars to a cyberattacker that infected the institution's systems with malware.
According to the Calgary Herald, the university's network was infected with ransomware which resulted in $20,000 CDN -- over $15,000 USD -- being paid out to retrieve access to files locked away.
Once installed on a system, ransomware will encrypt files and set up a landing page demanding a fee in the virtual currency Bitcoin for users to be given a key which will decrypt their systems and return their files -- although this is not guaranteed and only funds such schemes.
The university's email, Skype, wireless networks and other services were hit by the malware infection.
Calgary officials agreed to pay the ransom but it will take some time for the encryption keys to be used on all of the university's infected machines, of which there are over 100. The process is time-consuming and it is not yet known if the keys will even work.
There is no evidence that any data was stolen on released due to the cyberattack.
In a statement, Linda Dalgetty, Calgary's vice-president of Finance and Services said the issue was "very challenging," but the university's IT staff are working around the clock to plug the security holes which allowed the ransomware to infect systems in the first place.
"The university is working with various experts in this field, and because this was a criminal act, the Calgary Police Service has been brought in as part of the investigation," Dalgetty commented.
"As this is an active investigation, we are not able to provide further details on the nature of the attack, specific actions taken to address it, or how or if decryption keys will be used. We're working through it a day at a time."