2 Robert Speck Parkway, Suite 298 Mississauga ON
+1 888 366 4443
info@gige.ca

Maastricht University Hit By Clop Ransomware, Pays $220 000 USD for Decryption

IT Services & IT Solutions Mississauga & Toronto

Maastricht University Hit By Clop Ransomware, Pays $220 000 USD for Decryption

   Blog Posts IT Security IT Services    February 12, 2020 |  0
netherlands university clop ransomware

Netherlands’ Maastricht University was hit by a ransomware attack on December 23rd, 2019. The university paid the cyberattackers 30 bitcoins, worth at around $220 000 USD, in order to restore the infected computers to working conditions.

The ransomware malware strain, called “Clop ransomware”, encrypted 267 of the university’s Windows servers, including backups. The University’s full infrastructure consists of 1647 servers running either Linux or Windows, and 7307 workstations. The university reported that it has several network security measures in place including firewalls, antivirus, and spam filters, but that the ransomware was able to bypass these measures through two phishing emails on October 15th and 16th 2019.

The university stated that despite the IT department constantly receiving alerts on security threats, there is still a need for more education on avoiding phishing techniques to help alleviate the constant pressure of cyberattack. For tips on how to detect phishing emails, read our article on the topic here.

Nick Bos, VP of Maastricht university, discussed the decision to pay the ransom to the attackers. He stated that while the University does not ethically stand by the act of succumbing to ransomware extortion, it ultimately made the decision to pay the ransom due minimize the damage that the attack would have on its students’ education, staff, and researchers.

What can we learn from this attack?

  1. Phishing attacks are as prevalent as ever, and can lead to significant financial damage to an organization. Any organization’s firewall is only as strong as its weakest link. As shown in the Clop Ransomware attack, even a network that is protected by antivirus and spam filter software can be penetrated if a malicious link is accidentally clicked on by an employee. Therefore, employee education on common phishing methods and signs to look out for should still be a top priority for your organization’s cybersecurity strategy.
  2. Following the attack, Maastricht University employed Fox-IT to conduct an independent investigation on the incident. In their audit, Fox-IT discovered that the malware was able to leverage a server that was missing critical patches that fixed known vulnerabilities. Exploiting this single security hole allowed the attackers to spread the malware to 267 Windows servers. This highlights the importance of keeping your organization’s server OS up-to-date.

GIGE IT Solutions can keep your organization protected from ransomware. We manage all your servers and workstations to ensure that they are always up-to-date and protected from malware such as ransomware. Call us at +1 888 366 4443 or email us at info@gige.ca to get started.

 

Cloud Solutions
IT Services
IT Solutions
Hours & Info
2 Robert Speck Parkway, Suite 298, Mississauga, ON L4Z 1H8
(888) 366-4443
info@gige.ca
Mon to Fri 8:30AM-5PM
Weekends Closed

Managed IT Services

Backup Process Engineering

Telephony

IT Support Help Desk

E-mail and Remote Connection

IT Infrastructure

Security IT Services

Data Storage Management

Server OS Update

Locations

Aurora

Brampton

Hamilton

Markham

Milton

Mississauga

Newmarket

Richmond Hill

Scarborough

Toronto

Vaughan

Navigation

Home

About Our IT Support

Cloud Solutions

Managed IT Services

IT Solutions

 

©  2022 GIGE IT Solutions: IT Services Mississauga. Built using WordPress and the Mesmerize Theme

%d bloggers like this: