Are we protected against cyberattacks for ransom?

Security of online information and communications is becoming an increasing concern. Recent cyberattacks on five hospitals in the Windsor Sarnia area in Ontario, the Toronto Public Library, and the York Region District Board are examples of an increase in such attacks by hackers who are becoming increasingly proficient and bold.

The phantom modes of money transfer, such as Bitcoin, the ready availability of programming and coding knowledge, further facilitated by generative AI, and global political/ideological polarization likely provide secure physical and digital spaces to hackers that are causing a marked increase in cyber-attacks across the globe.

The chart above [For the interactive version, click at https://datawrapper.dwcdn.net/VJiUH/1/ ] shows that news reports about cyberattacks in Canada where the term "cyberattack" appeared anywhere in the text or was mentioned in the headline or the lead paragraph have been becoming more frequent, suggesting a heightened vulnerability of our digital infrastructure.

According to data compiled by Ani Petrosyan at Statista, organizations globally faced a staggering 493.33 million ransomware attempts in 2022, still lower than the peak of 623 million attacks in 2021. Ransomware attacks predominantly target entities that handle vast amounts of data and are critical to the economy. Once attacked, these organizations often pay the ransom to retrieve stolen data rather than immediately reporting the incident. In Germany, for instance, the average data ransom payout is about a million dollars. This approach is partly due to the severe reputational damage that data loss can inflict, contributing to the underreporting of ransomware attacks. So if you thought 493 million attacks seemed high, think again.

The manufacturing industry, a significant contributor to economies worldwide, frequently falls prey to ransomware. In 2022, there were 437 reported attacks in this sector alone. The food and beverage industry was the next most affected, experiencing over 50 attacks. In terms of geographical impact, North America led in the share of ransomware attacks on critical infrastructure, followed by Europe. Notably, the healthcare and public health sectors in the U.S. reported the highest number of ransomware complaints to law enforcement agencies in 2022.

The concept of Ransomware as a Service (RaaS) has been in existence for over a decade. This business model involves a collaboration between hackers, who develop ransomware, and affiliates, who deploy these tools in attacks. Under this model, the creator of the RaaS receives a fee for each successful ransom collected. In the first quarter of 2022, the number of active RaaS extortion groups escalated to 31, a significant increase from the 19 groups recorded in the corresponding quarter of 2021.

Canada must act fast and firmly to secure online data and communications for public and private sector entities. The well-being of Canadian citizens and the economic competitiveness of our industry depend upon the security of our digital storage and communication systems.

The latest gift of $15 million to the Rogers Cybersecure Catalyst (the Catalyst) at Toronto Metropolitan University recognizes our heightened need to accelerate investments in improving systems, workforce awareness and responsiveness, and intellectual capital in cybersecurity.

The “Catalyst is celebrating its fifth anniversary as a major hub for training, innovation and collaboration in cybersecurity.” Rogers Communications has committed $15 million in funding, while Royal Bank of Canada has promised $1 million. These investments will go a long way in securing our digital present and future.

I am delighted to congratulate the Catalyst on securing a significant investment, marking a pivotal moment in our efforts to enhance cybersecurity. Data today is as valuable as oil and water, if not more. Thank you Mohamed Lachemi , Dr. Roberta Iannacito-Provenzano , Navdeep Bains , Adam Evans , Marilena Danelon, MA, GSEC, GCIH , Charles Finlay , Mayor Patrick Brown , Fadwa Mohanna , and industry partners for helping build a secure digital future for Canada.