How many Canadian organizations have been hit by ransomware attacks?

How many Canadian organizations have been hit by ransomware attacks? | Insurance Business Canada

How many Canadian organizations have been hit by ransomware attacks?

A new survey from the Canadian Internet Registration Authority (CIRA) found that a significant portion of Canadian organizations suffered cyberattacks over the past year, and that these organizations also feel that the volume of such attacks have increased during the pandemic.

The CIRA’s annual Cybersecurity Survey found that 36% of Canadian cybersecurity professionals feel the volume of cyberattacks has increased during the pandemic. This figure is up from the 29% of organizations that answered the same last year.

The survey also found that in the past 12 months, nearly one in five Canadian organizations (17%) experienced ransomware attacks – and of those that experienced ransomware attacks, 69% indicated that they paid the ransom to avoid business downtime, reputational damage, and the costs from not paying.

“It feels like the pandemic forced 10 years of cybersecurity adoption to happen in about 10 weeks,” commented CIRA general manager for cybersecurity and DNS services Mark Gaudet. “The pivot to work-from-home and employees using their own devices really increased the number of security threats facing organizations, and the bad guys did everything they could to take advantage of the situation.”

Gaudet added that while cyber threat actors are ramping up their attacks, Canada’s security pros are not taking it laying down.

“[Canadian organizations] got to work and implemented new policies, technologies, and security training boot camps for staff protections they plan to keep in place long after the pandemic,” the general manager said.

Other findings of the survey include:

  • 64% of organizations surveyed said they support legislation that would prohibit paying ransom demands.
  • 59% of organizations have cybersecurity insurance coverage as part of their business insurance; 29% have a cybersecurity-specific policy.
  • Most organizations with cybersecurity coverage say their provider has increased premiums, or requested new forms as proof of the corporate cybersecurity measures in place.
  • 95% of organizations indicated that at least some of their new COVID-19-related cybersecurity protections will be permanent.

CIRA’s new survey comes as the group participates in MapleSEC, Canada’s newest cybersecurity conference, which takes place this week from October 05 to 07.