Ransomware assaults are increasingly targeting Canadians, with organized cybercrime activity posing a danger to national security, the economy, and essential infrastructure, officials warn.
According to research issued Monday by the Canadian Centre for Cyber Security, during the next two years, “financially-motivated cyber criminals will almost certainly continue to target high-value organizations in critical infrastructure sectors in Canada and around the world.”
The agency identified ransomware, which holds digital information hostage or is encrypted until a price is paid, as the “most disruptive” type of cybercrime confronting Canada.
The survey claims that ransomware has developed into one of the most damaging categories of cybercrime, affecting people, businesses, and government organisations.
The warnings follow a year that has witnessed hundreds of high-profile hacks and ransomware assaults on big organisations, healthcare networks, law enforcement, and governments worldwide.
Manufacturing, enterprises, professional services, information and communication technology, retail and consumer products, and healthcare and pharmaceuticals were the top industries targeted in 2022 among all ransomware occurrences in Canada. In the meantime, the most common ransomware types were LockBit, Conti, BlackCat/ALPHV, Black Basta, and Karakurt.
The data suggests that Iran and, to a lesser extent, Russia are likely “safe havens” for hackers who attack Western targets. According to the center’s analysis, Russian law enforcement and intelligence services almost certainly maintain communication with cybercriminals and let them operate with almost total impunity.
Canadian shops and organisations have been targeted in a recent wave of ransomware assaults. Over the previous year, ransomware assaults have targeted Indigo Books & Music Inc., Sobeys Inc., a supermarket chain, oil and gas giant Suncor Energy Inc., and Toronto’s Hospital for Sick Children.
According to the RCMP, 454 ransomware attacks with a Canadian connection occurred last year, and more than $530 million in financial damages were reported to the Canadian Anti-Fraud Centre for different forms of cybercrime and fraud.
However, approximately 5 to 10% of cybercrime victims disclose to law enforcement, according to Chris Lynam, director general of the RCMP’s National Cyber Crime Coordination Centre (NC3) and Canadian Anti-Fraud Centre.
Given the gravity of the threats, officials asked Canadians to take precautionary precautions and report any incidences. According to Sami Khoury, director of the Canadian Centre for Cyber Security, coordination with provinces and international partners is critical to combating cyberattacks.”The good news is that most cyber incidents can be avoided with basic cybersecurity measures,” Khoury noted.
The Cyber Centre’s website provides information and counselling to Canadians on how to protect themselves from different internet hazards.
In the spring of 2022, the federal government announced contentious legislation that would require critical infrastructure operators in five important industries to comply with broad government mandates to implement cybersecurity measures.
However, the measure has been dormant for a year and a half, with no precise date for when the government would press for its passage, owing to fears that it would impose a “high degree of secrecy.”
According to a recent Statistics Canada study, fraud incidents, including identity theft, nearly quadrupled last year compared to a decade earlier and were up 4% from 2021. Often, a disproportionate amount of fraud and extortion are recorded as cybercrimes.
