You are here: Home Contents V15 N2 V15N2_Schell.html
Personal tools

How U.S. and Canadian Universities and Colleges Dealt with Malware and Ransomware Attacks in 2016-2017



Full text

Journal of Information Systems Security
Volume 15, Number 2 (2019)
Pages 117158
ISSN 1551-0123 (Print)
ISSN 1551-0808 (Online)
Bernadette Schell — Laurentian University, Sudbury, Ontario, Canada
Kalpdrum Passi — Laurentian University, Sudbury, Ontario, Canada
Luc Roy — Laurentian University, Sudbury, Ontario, Canada
Information Institute Publishing, Washington DC, USA




In February 2016, Hollywood Presbyterian Medical Center’s network was brought to a standstill for over a week as the hospital IT team worked diligently to recover from a ransomware attack. During the attack, hospital administrators declared an internal state of emergency as medical staff struggled—without success—to access patient records and critical computer systems critical to maintain adequate patient care. Because of these issues, some patients were transported to other functioning hospitals. The affected hospital’s computer systems were literally held hostage until a ransom of 40 Bitcoins—approximately $17.00 —was paid. Only then could the targeted hospital regain control and its files—encrypted by malware. Since this 2016 incident, at least three more healthcare organizations in the United States publicly reported operational disruptions due to crippling ransomware attacks. (LogRythm 2017). Add to the ransomware attack mix small, medium, and large businesses, government offices, educational post-secondary institutions, and financial institutions during this time period and it becomes understandable why the Institute of Critical Infrastructure Technology dubbed 2016 “the year ransomware will hold America hostage.” (LogRhythm 2017). To date, no study has reported how U.S. and Canadian universities have fared in the war against ransomware and vicious malware attacks during this period. This paper attempts to fill this void by providing descriptive statistics from online survey results delineating how a self-selected group of US and Canadian universities/colleges were affected by malware attacks on their networks in the 2017 academic year, and how satisfied the IT security experts at these institutions were with their capability to prevent, detect, contain, and recover from such attacks. Their views were compared with those reported by their industrial sector counterparts in previous years.




Ransomware and Malware Attacks, Disaster Recovery Planning, Employee Training on Malware Attacks, Risk Management




Blake, A. (2017). Police surveillance system hacked in D.C. prior to Trump’s inauguration. Retrieved February 5, 2017, from http:

Brewer, (2016). R. Ransomware attacks: detection, prevention, and cure. Network Security, 9: 5-9.

Castaldo, J. (2018). ‘Many companies not ready for new data-breach response rules, experts say. The Globe and Mail, 29 October 2018, p B2.

Cisco. (2016). Midyear Cyber-security Report’. Retrieved September 2016, from

Cisco. (2017). Cisco Ransomware Defense. Retrieved February 3, 2017, from

Computer Fraud and Security. UK major target for ransomware. (2016). Computer Fraud and Security, 20 (2016): 3.

Computer Fraud and Security. Ransomware hiding in the dark. (2015). Computer Fraud and Security, 9 (2015): 3-20.

Cooper, D. Highlights of the Canada Digital Privacy Act 2015. (2015): Retrieved June 24, 2015, from

Crocetti, P. (2017). Protection against ransomware becomes practical priority. Retrieved January 23, 2017, from



Hejazi, W., Lefort, A., Etges, R., and B. Sapiro. (2011). Chapter 12: The 2009 Rotman-TELUS Joint Study on IT Security Best Practices: Compared to the United States, How Well is the Canadian Industry Doing? In Holt, T.J. & Schell, B.H. IGI Global (Hershey, PA). Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications

Holt, T.J. and Schell, B.H. (2010). IGI Global (Hershey, PA). Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications (pp 228-265).

Kaspersky Lab. How Big a Threat is Cryptomalware to SMBs? (2017). Retrieved January 25, 2017, from

Liska, A. (2018). Ransomware Trends. Retrieved October 9, 2019, from

LogRhythm. (2016). The Ransomware Threat: A Guide to Detecting an Attack Before It’s Too Late. Retrieved February 4, 2019, from


Luo, X. and Liao, Q. (2007). Awareness education as the key to ransomware prevention, Information Systems Security, September 2007, 16:4,195–202.

Mansfield-Devine, S. (2016). Ransomware: Taking Businesses Hostage. Network Security (October, 2016): 8-17.

McGinn, S. (2017). Universities must take steps to protect against ransomware attacks. Retrieved February 1, 2017, from

Monika, Zavarsky, P., Lindskog, D. (2016). Experimental Analysis of Ransomware on Windows and Android Platforms: Evolution and Characterization. Computer Science, 94 (2016): 465–472.

Network Security. (2016). Ransomware claims more victims. Network Security, 12 (December, 2016): 2.

Network Security (2016). Ransomware menace grows as new threats emerge. Network Security. 8 (August, 2016): 1-2.

Osterman Research Inc. (2016). Understanding the depth of the global ransomware problem. An Osterman Survey Research Report. Retrieved August, 2016, from

Radware. C-Suite Perspectives 2018: Trends in the cyberattack landscape, security threats, and business impacts.


Scaife, N., Carter, H., Traynor, P. and Butler, K. (2016). CryptoLock (and Drop It): Stopping ransomware attacks on user data. 2016 IEEE 36th International Conference on Distributed Computing Systems. Retrieved September 2016 from

Schell, B.H., and Martin, C. (2006). Webster’s New World Hacker Dictionary. Indianapolis: Wiley Publishing, Inc., 2006.

Schell, B.H. (2006). Online Health and Safety: From Cyberbullying to Internet Addiction. Santa Barbara: Greenwood, 2016. Anonymity Online. (2017). Retrieved January 26, 2017, from

Versa Networks. (2017). Top 10 ransomware. Retrieved October 9, 2018, from