Companies and institutions that fall victim to ransomware should publicize more about this, say Maastricht University and the Wetsus science institute. The companies themselves became victims of ransomware and call on companies to discuss this.
Institutions that tell more about how they fell victim can help others with this. Ransomware infections should come ‘out of the blue’, says ICT director Jacques Beursgens of Maastricht University against the De Kennis Van Nu program. He refers to the University of Antwerp, which was affected by ransomware in the same way as its own university, by probably the same criminals. “If information about the infection had been better shared internationally, we would have been better able to guard against it.”
According to Beursgens, there are still too many companies that prefer to keep an infection quiet. “We have shared it very openly with the world, but you can still see that the shutters go down at companies that happen every day.” Beursgens says that companies should join other companies affected. “But help each other.”
In addition to Maastricht University, scientific research institute Wetsus was recently affected by ransomware. The company says it has come out ‘to warn people’. “You can blame yourself for anything, but on the other hand, this is a risk that is life-size for everyone,” general director Johannes Boonstra told the TV program. “If it happens to you, be well prepared so that you don’t have to consult with criminals like us.”
Both Maastricht University and Wetsus paid the ransom for the attack. The first involved an amount of 30 bitcoins, then 197,000 euros. Wetsus does not say how much it paid. However, the institute says that the amount was ‘less than the damage if we did not pay’.
The university later came out during a symposium with more information about the attack. At that time, the university said that it wanted to give as much openness as possible to warn other educational institutions and companies and let them learn from the situation.