Maastricht Univ. paid €250K to ransomware hackers: report

Law Faculty at Maastricht University
Undated photo of the Law Faculty at Maastricht UniversityLeonid_AndronovDepositPhotosDeposit Photos

Maastricht University paid between 200 thousand and 300 thousand euros to hackers who had blocked access to the university's digital systems with ransomware, various people involved told the Volkskrant. The university board was forced to pay because the university's backups were also hijacked. The backups - stored on the university servers - contain research data and data from students and staff from the past decades.

On December 23rd, university employees discovered problems with the mail server. Shortly thereafter, the network turned out to be infected with Clop ransomware. Ransomware is a type of malware that blocks access to files and programs on a computer or network. These attackers blocked access to systems containing research data, financial information, email systems, the intranet, and the backups. The university eventually decided to pay up to regain access to its systems, the newspaper writes.

Maastricht University refused to comment in detail to the Volkskrant, saying that it will explain the situation and the investigation into the cyber attack at a symposium on February 5th.

PIeter-Jaap Aalbersberg, the Netherlands' National Coordinator for Counter-terrorism and Security, called the successful ransomware attack on Maastricht University a "wake-up call" for other universities and colleges. "If you have good backups and separated systems, and your software is up to date, you are not vulnerable to this," he said, according to the newspaper. 

Last year, the Dutch police created a website where victims of ransomware can check whether a decryption tool for the type of malware they're infected with is already available, before paying cyber criminals to regain access to their computers.