TORONTO -- A new report released by cybersecurity company Emsisoft estimates that ransomware demands increased by more than 80 per cent globally in 2020, with hundreds of millions of dollars estimated to have been paid out in ransoms in Canada alone.
The report, entitled 鈥溾 was compiled by the Emsisoft malware lab, and examined incidents submitted to ransomware identification service ID Ransomware.
ID Ransomware is a service that allows victims of ransomware attacks to upload their compromised data for it to be analyzed in order to find out if it is salvageable and who the attack was perpetrated by.
Submissions to ID Ransomware constitute a confirmed incident of a ransomware attack, the report says, estimating there were a total of 506,185 during 2020 鈥 but 鈥渢ruly accurate projections are impossible due to limited datasets and information sharing limitations.鈥
The report estimated that the average ransomware payment is US$154,108 and 27 per cent of impacted organizations paid up 鈥 with the average cost of downtime estimated at US$274,200.
Brett Callow, a threat analyst at Emsisoft, said the number of ransomware attacks in North America decreased slightly in 2020 but only because criminals were 鈥渁bandoning large scale attacks鈥 where they hit lots of smaller organizations at once, instead focusing on larger targets with more focused attacks.
鈥淚n 2018 the majority of victims were small businesses with an average ransomware demand of $5,000,鈥 Callow said in a telephone interview with CTVNews.ca Thursday. 鈥淣ow you have much larger organizations targeted like Honda and Garmin.鈥
Law enforcement agencies are also being targeted. Callow , which was hit by a ransomware attack Tuesday.
鈥淭he attackers are threatening to release details on police informants to the gangs that they are informing on, unless the police pay up,鈥 Callow said. 鈥淭hese threats are really quite serious 鈥 they鈥檙e not just expensive, they represent a threat to people鈥檚 health and safety.鈥
RANSOMWARE ATTACKS IN CANADA
In the report鈥檚 country-by-country breakdown, Emsisoft estimated that Canada had experienced more than 4,000 ransomware incidents in 2020 鈥 with a minimum ransom cost estimate of US$164,772,274 and a maximum estimate of US$659,246,267.
When factoring the added cost of downtime due to ransomware attacks, those numbers jump to a minimum downtime and ransom cost estimate of US$1,011,008,551 and a maximum estimate of US$4,044,034,203.
鈥淩ansom demands have increased significantly,鈥 Callow said. 鈥淭he attacks are against larger enterprises and the cost of downtime is much greater than it used to be, and the attacks themselves are more disruptive.鈥
Callow said 鈥渧ery often鈥 the attacks constitute 鈥渇ull on data breaches鈥 that impact customers and their private data 鈥 which can end up posted online or sold.
The as a medium for payment, as it is easily accessible and hard to trace, Callow said.
Attackers will gain access to a victim鈥檚 data, encrypt it, and then send a demand for ransom to the victim in order to unencrypt their information and regain access to it.
鈥淎t the end of 2019, most ransomware attacks only encrypted their targets data and were successfully able to attack Windows systems,鈥 Callow said. 鈥淣ow they encrypt their target鈥檚 data and steal a copy of it 鈥 and they鈥檙e able to attack Linux servers too. if the victim doesn鈥檛 pay, the data gets posted online in a series of instalments.鈥
In January, for his alleged involvement in the 鈥淣etWalker鈥 ransomware attacks that targeted institutions like the College of Nurses of Ontario and the Northwest Territories Power Corporation.
In November, the with a demand for $17-million-worth of Bitcoin in ransom, while by a cyberattack demanding $7.5 million in December.
A Statistics Canada 2020 , said that 21 per cent of the overall Canadian business population reported being impacted by cybersecurity incidents, but only 12 per cent reported these incidents to police. Businesses reported spending a total of $7 billion directly on measures to prevent, detect, and recover from cybersecurity incidents in 2019.
In an emailed statement to CTVNews.ca, the Canadian Centre for Cyber Security (CSEC) said that cyber threats against Canadians and Canadian businesses are 鈥渆volving.鈥
鈥淭he commercial sale of cyber tools, coupled with a global pool of talent, has resulted in more threat actors and more sophisticated threat activity,鈥 the statement reads. 鈥淚llegal online markets for cyber tools and services have also allowed cybercriminals to conduct more complex and sophisticated campaigns.鈥
The Cyber Centre that provides information on how Canadians can protect themselves from ransomware and how to recover if they are attacked.
Callow said most corporations and individuals can mitigate their chances of being the victim of ransomware attacks by 鈥渃overing the security basics鈥 like not opening suspicious emails, and incorporating dual-authenticated ID systems.
