Carleton University says it didn't pay hacker's ransom after cyberattack

Carleton University confirms its IT network was attacked by ransomware a type of computer virus that usesencryption to effectively holdfiles hostagein exchange for payment but said it didn't pay any ransom.

Systems are coming back onlinelittle by little after the problem appeared Tuesday morning, RoseannO'Reilly Runte told CBC News on Wednesday.

Classes are happening as regularly scheduled and Wi-Fi is available on campus, she said.

No ransom was paid, according to university spokesperson Don Cumming.

The university is expected to make a statement at 4p.m. ET.

A graduate student at the university emailed CBC Tuesday to say the attackers asked for payment in bitcoin,a digital currency that is difficult to trace.According to amessage he saw on a schoolcomputer, the attackers are asking for either two bitcoin per machine, or 39 bitcoin total to release the encrypted files the latterequallingnearly $38,941 at today's rateon the popularBitcoin exchange Coinbase.

Students, employees warned Tuesday

On Tuesday morning, students and employees were warned that any Windows-based system accessible from the main network may have been compromisedafter an external group apparentlyattempted to hack the school's IT network.

"To reduce traffic on the network, it is recommended that users refrain from using Microsoft Windows systems at the current time and shut down your computer," the school warned in a message posted on its website and Facebook page.

On Wednesday, the university's IT department said work is continuing to restore email services.

People with functioning computers are encouraged to use themand those who don't are asked to refrain from turning them on and to contact the university's IT department.

Previous victims

In June of this year, the University of Calgary was hit bya similar attack. In that casethe university paid $20,000 to regain access to its systems.

At the time, university vice-president of finances and services Linda Dalgetty said the school decided to pay the ransom to ensure that no one would lose access to their research.

And just this past weekend, San Francisco's Municipal Transportation Agency (SFMTA) wasinfected with ransomwarethat took its ticketing systems offline. During the downtimepassengers were allowed to ride for free.

In that casethe attackers demanded payment of 100 bitcoin, which is worth about $95,000. In a statement toCBC, SFMTA chief spokesperson Paul Rose saidthe agency did not pay the ransom and never considered doing so.

Public Safety Canadarecommends that victimsnot pay the ransom requested by their attackers, as there is no guarantee that the locked files will be released, and payment may only encourage more criminals to adopt the tactic.