Ransomware attacks cost Canadian organizations an average of almost half a million dollars last year, according to a recent report that offers tips on preventing costly breaches.
A December 2021 report from cybersecurity firm Palo Alto Networks found ransomware attacks cost Canadian organizations an average of $458,247 last year. The majority of victims (58%) said they paid the ransom – and 14% said they paid more than once.
It's not just the ransoms that are costly – so is the road to recovery. According to the report, 58% of ransomware victims said it took more than a month to recover from an attack. Twenty-nine percent said recovery took more than three months, and 9% said it took more than five or six months to recover.
Attacks Are Sector Agnostic
No sector is safe from ransomware attacks. The report found targets ranged from gas pipelines to meat packing plants, as well as critical services such as hospitals.
The majority of verified attacks in Canada (43) were in the industrial sector, which is particularly vulnerable due to the prevalence of organizations with out-of-date security systems, Palo Alto noted.
The consumer discretionary and consumer staples sector experienced 27 attacks, while the information technology sector had 11 attacks. Government organizations, as well as the financial, real estate and materials sectors, each experienced six attacks.
Many ransomware attacks go unreported, so it's likely the numbers in the Palo Alto report represent only a small portion of the attacks that took place last year.
Who's Demanding the Ransom?
According to the report, Conti ransomware was the most prevalent form of attack last year, claiming 31 victims in Canada. Palo Alto described Conti as one of the most "ruthless" forms of ransomware, often targeting hospitals, emergency services and law enforcement – and sometimes refusing to return stolen data after receiving a ransom payment.
Other common forms of ransomware last year were LockBit 2.0 (15 victims), Avaddon (eight victims), PYSA and Clop (both claimed seven victims).
Preventing Attacks
The Palo Alto report recommended organizations adopt a number of strategies to limit their risk of ransomware attacks, including:
- Blocking unknown traffic on system networks
- Blocking known phishing URLs and malicious URLs
- Analyzing incoming files for malicious behavior
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
