Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

Majority of Canadian firms hit by cyber attacks pay ransom to get data back

Majority of Canadian firms hit by cyber attacks pay ransom to get data back 

Survey firm Osterman Research interviewed 125 Canadian respondents and found that 44 were victims of ransomware attacks over the previous 12 months. Of the victims, 33 paid a ransom in order to regain stolen data.

The report also includes surveys taken in the United States, Germany, and the United Kingdom on ransomware and related issues. However, the focus of the Malwarebytes release were Canadian organizations. In order to qualify for participation in the survey, respondents had to be a CIO, IT manager, IT director, CISO or in a related role; and knowledgeable about security issues within their organization.


The 10 Canadian cities that are ransomware magnets

Cyberattacks top concern of Canadian companies

The survey found, that five of the victimized Canadian organizations were from the healthcare industry. They said they believed the attacks placed lives at risk.

Only 25 per cent have decided not to pay the ransom. Among the nations we surveyed, organizations in Canada were significantly more likely to pay ransom demands than organizations in other countries.

Ransomware attacks can be costly for businesses. Eleven of the targeted companies had to cease operations in order to deal with the attacks.

“The impact of ransomware on Canadian organizations is significant relative to the other nations surveyed in a couple of ways,” according to Malwarebytes.

The company cited to main reasons:

  • Ransomware victims in Canada were much less able to contain the spread of the infection to fewer than one percent of the endpoints when compared to organizations in the United States.
  • Canada is the only other nation surveyed beside the United Kingdom in which some ransomware infections spread to the entire corporate network.

Other findings were:

• Ransomware attacks on Canadian organizations have had a reasonably significant impact: nearly two-thirds of successful ransomware attacks are able to reach up to 25 per cent of endpoints, and one-third more has impacted up to 50 per cent of endpoints.

• Canadian survey results show that 22 per cent of attacks impacted mid-level managers or higher, with eight percent of incidents attacking senior executives and the C-Suite.

• The business impact in Canada was high, with 43 per cent of the organizations surveyed reporting lost revenue and 25 per cent revealing a stop in business operations as a result of a ransomware infection. Eleven per cent claimed that lives were at risk from ransomware, the highest percentage among the regions surveyed.

• Canadian organizations were the most likely to pay ransom demands (75 percent) and if they didn’t pay, 82 per cent lost files. Globally, nearly 40 percent of ransomware victims paid the ransom.

• The most heavily targeted industries for ransomware are healthcare and financial services.

“Interestingly and somewhat ironically, Canadian organizations were the most likely to pay ransomware demands and the most likely to lose files if they chose not to pay,” according to an assessment by the Osterman Research. “The fact that files were lost after a decision not to pay a cyber criminal’s ransom demands is not surprising, but the relative proportion in Canada that lost files is a bit perplexing.”

The research firm said there is “rarely” a way to decrypt files without the key provided by the ransomware author, “the likelihood of being able to thwart the ransomware encryption is nil.”

Most organizations back up their endpoints. But these backups are typically performed overnight, and so data created since the last backup can be lost if an endpoint needs to be reimaged in the wake of a ransomware exploit. “In short, organizations that choose not to pay ransomware can count on losing at least some files as a result,” the research firm said.

The research found the highest rate of file loss in Canada (82 per cent), followed by the United Kingdom (32 per cent) and Germany (11 per cent).

How are Canadian organizations dealing with ransomware attacks?

Seven out of ten choose to use network segmentation as one of their tools to address ransomware.

Regular, on-premises data backup is also used by 60 percent of organizations.

Ransomware-detection solutions – both on-premises and in the cloud – are lower priority tools to address the ransomware problem.

Using backups that will help restore endpoints to a known good state is a common tool employed to remediate ransomware attacks in all of the nations surveyed. The method is most common in Germany and the United States.

Air gaps were more often cited by Canadian organizations than others as an anti-ransomware capability. The use of air gaps is a network security measure that isolates a computer network physically from unsecured networks such as the public Internet or an unsecured local area network.

More than one-half of Canadian organizations surveyed place a high or very high priority on addressing the ransomware problem. However, fewer than one-quarter give high or very high priority to investing in education and training about ransomware for their end users, while 38 per cent has established investing in resources, technology and funding to address ransomware as a high or very high-priority.

Related posts