Canadian companies are now paying more than $1 million in ransomware attacks, according to a new study.
The report, from cybersecurity firm Palo Alto Networks and the Angus Reid Institute, a polling firm, found that slightly fewer Canadian businesses reported receiving ransomware attacks, but those that did saw more expensive demands and were forced to pay more money.
“The average ransom paid has increased significantly to more than $1.130 million CAD (in 2023) – an increase of almost 150% in two years,” it states. “Additionally, the average ransom demanded saw a steep rise of 102% to C$906,115 in 2023 up from C$449,868 in 2021.”
The report polled 1,000 companies with more than 100 employees.
Manufacturing, construction and healthcare and pharmacy companies are targeted most, the report states.
Natalia Stakhanova holds the Canada Research Chair in security and privacy. She told Global News the report’s findings aren’t surprising.
She said hackers are likely asking for more money because it costs them the same to blackmail a small company as it does a large company, and because things are getting more expensive.
“We’re all seeing inflation at the grocery store. So I think it’s quite natural to see the increase in the ransom numbers,” she said, speaking from Saskatoon.
She said manufacturing companies could be targeted most because some have “bigger pockets.”
Ransomware, she said, is “a new version of an extortion attack,” in which hackers either steal or encrypt data on a computer, releasing the files only after getting paid.
The report found that only 35 per cent of businesses paid the ransom in 2023, compared to 45 per cent in 2021, and that the overall share of businesses reporting ransomware attacks fell to 35 per cent of those polled in 2023 from 37 per cent in 2021.
“The decrease in the number of attacks may very well be the result of more organizations taking a proactive approach in modernizing and updating their security infrastructure and refusing to pay ransoms,” the report reads.
Stakhanova agreed. She also suggested the change could come from some workers’ return to the office after the COVID-19 pandemic forced many to work remotely.
Companies, the report said, are also very concerned by the potential threat artificial intelligence poses.
Stakhanova said AI does pose a threat, but can also help protect against ransomware.
“I feel that we’re missing an opportunity of leveraging AI for the defensive purposes as well,” she said.
Stakhanova and the researchers said knowledge and awareness of phishing emails is key to protecting against ransomware, as is keeping devices updated.