Maastricht University, located in the Netherlands has reported they became the victim of a ransomware attack that unfolded on December 24 and paid a BTC ransom.
All the IT systems at the University have been pulled down and offline by officials for the damages and in efforts to be contained. The malware cyberattack was the file-encryption type and acknowledged on the University’s website. Educations institute authorities said scientific data wasn’t in any way affected but restoring it may take a few days.
Hackers Received 30 BTC in Ransom
On Wednesday, the University disclosed that it had made a payment of 30 Bitcoin (BTC) to the hackers for the ransom. 30 BTC at the time of the payment was the equivalent of 200,000 Euros or $220,000. The computer systems and emails got unblocked and as said before, the data is safe.
Premiums for Cyber Attack Insurances Higher and Higher
Since ransomware attacks are more common, insurers have raised the cyber security premiums by 25%, especially ever since hospitals, airports and companies have been majorly hacked back in 2019. The University of Maastricht’s Vice President Nick Bos said he considered all the alternatives to paying the ransom, but he didn’t want to rebuild the entire IT network from scratch, as this would have been costlier and precious data would have been lost.
The TA505 Group Behind the Attack
At the press conference held to disclose the information that the University had about the hack, Bos said the initial breach was a result of a click on a phishing email that a member of the staff who hasn’t been identified done a month before. This is what he mentioned about what damage the attack could have had:
“The damage of that to the work of the students, scientists, staff, as well as the continuity of the institution, can scarcely be conceived.”
Fox-IT, which is a cybersecurity team, helped with the analyze of what happened and the recovery of the data. It has identified the hackers as being part of the TA505 Russian-speaking cyber criminal group.