PHOTOS: Don’t worry, now that the ransom has been paid, Calgary Police are on the job investigating the cybercrime at the University of Calgary. Actual Calgary Police Service personnel may not appear exactly as illustrated. Below: University of Calgary Finance and Services VP Linda Dalgetty (U of C photo) and Alberta Justice Minister Kathleen Ganley.
So let’s get this straight, when it comes to Canadian citizens abroad – living human beings, leastways those whose families aren’t rich enough to finance their ransoms discreetly on their own – “Canada does not and will not pay ransom to terrorists, directly or indirectly.”
The words, of course, are well known. They were spoken by Prime Minister Justin Trudeau in macho tones worthy of George W. Bush after a cabinet retreat in Kananaskis Country west of Calgary. The Kananaskis resort, by the way, was chosen as the site of an international summit involving that same President Bush some years ago … because it’s a great location to defend from terrorists, not to mention protesters.
The main justification for Canada’s new position on ransoms, according to Mr. Trudeau, is that paying them, as we have in the past, “would endanger the lives of every single one of the millions of Canadians who live, work and travel around the globe every single year.”
Paying a ransom for powerful people’s property, however, or even just their data, or even just their casual emails, doesn’t seem to be a problem.
Leastways, consider the bizarre story out of Calgary yesterday evening that the University of Calgary, a publicly financed post-secondary institution, has paid $20,000 to get access to its email system back from cyberbaddies.
I know, chump change. But seriously, wouldn’t this have been a sterling opportunity to say Canada – or, actually, Alberta, or even just the University of Calgary – doesn’t negotiate with crooks?
Apparently not. The Canadian Press quoted Linda Dalgetty, the university’s finance and services vice-president, explaining, in the words of the report, that “while it’s unfortunate to pay the ransom, the university could not risk losing critical data.” (Emphasis added.)
In her own words, Ms. Dalgetty went on: “We are a research institution, we are conducting world-class research daily and we don’t know what we don’t know in terms of who’s been impacted and the last thing we want to do is lose someone’s life’s work.” Especially, I guess, if that someone is a full professor or a professional ideologue advising the Wildrose Party from the Department of Economics and Political Science!
It is not immediately clear to this commentator, by the way, why a researcher would have his or her life’s work squirrelled away in a university’s email system, especially when Gmail, “the cloud,” and fireproof file cabinets all work so well, but let’s never mind that just now.
The “cyberattackers,” according to the report, somehow managed to lock up or encrypt the university’s computers until the ransom was paid, and then they gave the institution the “keys” to get back into the system. Never mind the technical stuff, which as readers will infer your blogger doesn’t really understand. This story raises a number of interesting questions of a non-technical sort.
For example, is it OK in Canada to pay ransoms to criminals, but just not to terrorists? Will the Canadian government pay ransoms to criminals if they happen to be abroad? Come to think of it, maybe these ones were too.
Or is the issue here the size of the ransom? … Under, say, $25,000 is OK, but over, and you’d better have an up-to-date will, or at least an alternative email system.
Is it ethically proper for a public institution to encourage cyber crime by paying ransoms? Actually, for any institution, including private companies, to do so? (Ms. Dalgetty may have some thoughts on this. She was hired away from a senior management position with a private-sector energy company back in 2014.)
By paying off the crooks, didn’t the University of Calgary just endanger the safety of email systems and large stores of precious data at every other Canadian research university?
Are there no policies regarding the payment of ransoms by public institutions in such circumstances, which, according to the PM’s logic and common sense with which just days ago we were all nodding our heads in agreement, is an anti-social act?
And then there are the old crime reporter’s questions: How was the money transferred? To where? Were the police informed before the ransom was paid?
The police are investigating, we are told. Perhaps there are ways for them to discover who the perpetrators are by paying attention to how the deal was negotiated, and how the ransom was paid. But then, wouldn’t that apply to dealing with terrorists too? (The answer, obviously, is yes.)
Does Justice Minister and Solicitor General Kathleen Ganley have anything to say about this?
Maybe this is happening all the time, and we just don’t usually hear about it. I’m sure it will please the U of C if nothing more is said.
Just the same, we await developments.
This post also appears on Rabble.ca.