Initial findings indicate that this cyber event may have been avoidable.  The hackers gained access through a security flaw in Citrix’s VPN software that dated back to January of 2020.  Apparently the Dusseldorf University was not the intended target of the hackers.  It was reported that they provided a ransomware decryption key for free to the institution.