Hackers published a batch of internal documents from the Netherlands Organisation for Scientific Research (NWO) on the dark web yesterday, after the agency refused to pay up in a ransomware attack. The attack, which began on 8 February, has completely knocked out the agency’s grant application and review process and cut off NWO’s communication with applicants, grantees, and universities.
Ransomware attacks on organizations, companies, and even hospitals have become increasingly common, and some institutions have decided that paying is the easiest way to get computer systems back up or prevent the release of confidential data. NWO refused to do so. “On fundamental grounds, NWO, as part of the Dutch governmental institutions, isn’t willing to pay ransom,” the agency said in a statement yesterday. “Although NWO highly regrets the unfortunate situation of sensitive personnel documents being spread … NWO will not alter its position.” The funder says more stolen documents may end up in public “in the near future.”
NWO, whose nearly €1 billion budget makes it the main Dutch funding agency, disclosed the hack on 14 February. The agency can no longer use email, other apps, or its telephone lines; neither can a number of organizations affiliated with or hosted by NWO, including the Netherlands Initiative for Education Research and the European Polar Board. NWO has canceled many meetings until at least 15 March and says it can’t receive or pay bills; the best way for applicants and grantees to get in touch, the organization says, is via a frequently asked questions page. (The agency’s website was not affected by the attack.) “We’re very sorry for the inconvenience that this causes to our applicants,” a spokesperson says.