In June 2016, a Canadian university found itself the victim of a ransomware attack. The malware encrypted all of the school's files as well as their email system, affecting professors, students, and administration. As a result of the widespread and urgent need to access the school's files and email system, the University paid the bitcoin ransom of $20,000 in exchange for the decryption keys in order to gain access once again.
Since the popular victims have lately been healthcare companies, a university attack appears to represent a new focus. Healthcare companies retain important and private information that is currently in demand from hackers, but this situation has demonstrated a new turn in targets. It exemplifies how some hackers seek monetary rewards, versus others who seek private information to sell. The school's email system did not necessarily contain private data valuable to the hacker, so encrypting that system was not for the purpose of obtaining information. Because professors, students, administration and various other employees of the university access its email system regularly, this incident affected thousands of people and created a chaotic environment in which there was no alternative system available to communicate with one another. It was also discovered that the university was not properly backing up their data, leaving them in a very vulnerable position at the mercy of the hackers.
Lastly, a university with thousands of students is assumed to have a lot of money; the University of California system has an annual budget of $27 million. Universities are not only assumed to have money, but they are also assumed to have copious amounts of important information to which people require timely access. By disturbing their mass communication system, the hackers exposed the time sensitive nature of communication at universities. This particular university did not have the luxury of time to wait for the issue to be fixed, so the ransom was paid.
This may be indicating a shift in, or expansion of, attack targets, reflecting the different motives behind hackers: those who want information, and those who want money. It also illuminates the fact that anyone can be a victim. Always be prepared, for the next shift in targets might be your industry.