Two-thirds of Canadian firms succumb to ransomware demands – survey

The median ransom has jumped more than five times


By Mika Pangilinan

A new report reveals that most companies hit by ransomware attacks are paying hefty sums to regain control of their systems.

In its fourth annual cybersecurity trends report, Blakes found that two-thirds of firms hit by ransomware attacks succumbed to hackers’ demands in 2022, up from 56% in the previous year.

The median ransom paid by these firms amounted to $546,000, the law firm reported, indicating a significant leap from $100,000 just two years earlier.

Blakes’ cybersecurity trends report is based on attacks disclosed by companies publicly traded on the Toronto Stock Exchange and on data from the firm’s own clients, tracking breaches that occurred between September 1, 2021, and December 31, 2022.

Evolving tactics from cyber hackers

Speaking with the Toronto Star, Sunny Handa, a partner at Blakes and leader of the firm’s technology practice, expressed concern over the evolving tactics employed by cybercriminals. 

In addition to encrypting data, hackers are targeting sensitive information and resorting to data publication to add further pressure on victims, Handa said.

They are also actively hunting backup systems, leaving companies with no choice but to comply with demands to avoid lengthy disruptions in operations.

One factor driving the huge increase in ransom demands is the emergence of what Handa described as a ransomware industry.

“[Hackers are] investing a lot more and they’re realizing that there’s a market here where people will pay so they’re asking for more,” he said.

Handa said the report does not cover every data breach that has occurred in Canada, with many companies choosing not to disclose such attacks.

Still, he said the goal was to provide valuable insights into the trends impacting Canadian businesses, noting that the financial repercussions of cybersecurity incidents extend far beyond ransom payments.

An example is Indigo Books & Music, which recently disclosed that it had incurred $5.2 million in expenses related to a ransomware attack that took place earlier this year.

Indigo refused to pay the ransom demanded by criminals who exploited its network using the LockBit software, but the retailer said it is still facing significant costs due to legal and professional fees, as well as “data remediation costs, hardware and software restoration and incremental inventory scrap.”

The attack also impacted sales processing and caused significant operational disruptions, according to Indigo’s disclosures.
