Canadians are increasingly becoming the target of ransomware attacks, with organized cybercrime posing a threat to national security, the economy and critical infrastructure, officials warn.
The Canadian Center for Cyber Security released a report Monday stating that “financially motivated cybercriminals will almost certainly continue to target high-value organizations in critical infrastructure sectors in Canada and around the world over the next two years. “
Notably, the agency ranked ransomware — which involves holding digital files hostage or encrypting them until a fee is paid — as the “most disruptive” form of cybercrime Canada faces.
“Ransomware has become one of the most devastating forms of cybercrime, impacting individuals, businesses and government agencies,” the report states.
“We believe that cybercrime activity in Canada is very likely to increase over the next two years.”
The alerts come amid a year in which dozens of high-profile cyberattacks and ransomware targeted large corporations, healthcare networks, law enforcement agencies and governments around the world.
Indigo won't pay ransom to hackers, says stolen employee data may surface on ‘dark web' this week
Among all ransomware incidents in 2022, the manufacturing, enterprise and professional services, information and communication technology, retail and consumer goods, and healthcare and pharmaceutical sectors were the most affected.
Meanwhile, top ransomware variants include LockBit, Conti, BlackCat/ALPHV, Black Basta, and Karakurt.
The report ranked Russia, and to a lesser extent Iran, as likely “safe havens” for cybercriminals targeting Western targets.
“We believe that Russian intelligence and law enforcement agencies almost certainly maintain ties with cybercriminals, allowing them to operate with near impunity,” the center said.
Threat to critical infrastructure
Canadian retailers and institutions have been among the victims of a recent wave of ransomware attacks.
Bookseller Indigo, grocer Sobeys, oil and gas producer Suncor Energy Inc., and Toronto's Hospital for Sick Children have all fallen victim to ransomware attacks in the last year.
Cybersecurity officials warn that there could be more incidents in the future that “endanger national security, public safety and environmental safety, as well as the economy.”
hot right now
Hurricane Franklin gaining strength, Idalia expects to hit Florida as a hurricane
Kleen exit: The iconic tissue brand is being removed from Canadian shelves
“We anticipate that organized cybercrime groups will almost certainly continue to carry out attacks [critical infrastructure] Vendors, including organizations in Canada, are conducting attacks of moderate complexity to extort ransom, steal intellectual property and proprietary business information, and obtain customers' personal information,” the report said.
“Notable Rise” in Russia-Backed Cyber Attacks Against Canada: CSE
In the spring of 2022, the federal government passed a controversial law that would oblige operators of critical infrastructures in five key sectors to comply with far-reaching government orders and take measures to protect their cyber security.
But the bill has been on hold for a year and a half, and there's no clear timeline for when the government will push to move it forward amid concerns it would enforce “a high level of secrecy”.
According to a recent report by Statistics CanadaFraud cases, including identity theft, have nearly doubled in the past year compared to a decade ago and are up four percent compared to 2021.
According to StatCan, a relatively high proportion of fraud and extortion are reported as cybercrimes.
– with files from The Canadian Press
© 2023 Global News, a division of Corus Entertainment Inc.