Security News > 2020 > November > Ransomware crims read our bank balance and demanded the lot, reveals Scotland's Dundee and Angus College
The criminals who took out Scotland's Dundee and Angus College made a ransom demand that precisely added up to the contents of its bank account - and that was no accident, its principal has said.
In a postmortem interview with academic IT nonprofit Jisc, Simon Hewitt lifted the lid on the 31 January ransomware attack, which went on for days and saw the college's entire IT estate almost completely wiped.
At the time a student told us: "I got in on Friday but couldn't get any material out. Loads of my class are worried in case the Graded Unit has been lost, with no way to directly contact college or IT bods... loads of classmates are in panic mode in case work has been compromised or vanished."
Hewitt, who at the time of the attack was vice-principal in charge of IT, explained how the college had obtained the NCSC's Cyber Essentials certification, which provides a measure of cybersecurity assurance, barely months before the ransomware criminals got in.
Recovering from the attack consisted of fast-forwarding the college's existing digital strategy, rolling out Microsoft Teams and OneDrive across the entire organisation and shifting as much as possible into the cloud - moves that "Had a financial impact", in Hewitt's words, but gave the IT bods hope that recovery from any future attack would be easier than rebuilding the whole network from scratch over five days, as happened to the college.