Canadians are increasingly targets of ransomware attacks, with organized cybercrime activity posing a threat to national security, economy and critical infrastructure, officials are warning.
The Canadian Centre for Cyber Security released a report Monday, saying that over the next two years, “financially-motivated cybercriminals will almost certainly continue to target high-value organizations in critical infrastructure sectors in Canada and around the world.”
In particular, the agency categorized ransomware — in which digital files are held hostage or encrypted until a fee is paid — as the “most disruptive” form of cybercrime facing Canada.
“Ransomware has become one of the most devastating types of cybercrime, impacting individuals, businesses, and government agencies,” the report said.
“Over the next two years, we assess that cybercrime activity in Canada will very likely increase.”
The warnings come amid a year that has seen dozens of high-profile cyberattacks and ransomware targeting major businesses, healthcare networks, law enforcement and governments around the world.
Among all the ransomware incidents, the top sectors targeted in 2022 were manufacturing, businesses and professional services, information and communication technology, retail and consumer goods, and healthcare and pharmaceuticals.
Meanwhile, the top ransomware variants included LockBit, Conti, BlackCat/ALPHV, Black Basta and Karakurt.
The report assessed Russia, and to a lesser degree Iran, as likely “safe havens” for cybercriminals operating against Western targets.
“We assess that Russian intelligence services and law enforcement almost certainly maintain relationships with cybercriminals and allow them to operate with near impunity,” the centre said.
Threat to critical infrastructure
Canadian retailers and institutions have been among those hit in a wave of recent ransomware attacks.
Book retailer Indigo, grocer Sobeys, oil and gas producer Suncor Energy Inc., and Toronto’s Hospital for Sick Children have all been victims of ransomware attacks over the last year.
Cybersecurity officials are warning that more incidents could occur in the future and will “jeopardize national security, public and environmental safety, and the economy.”
“We assess that organized cybercriminal groups will almost certainly continue to target [critical infrastructure] providers, including organizations in Canada, in medium-sophistication attacks to try to extract ransom, steal intellectual property and proprietary business information, and obtain personal data about customers,” the report said.
The federal government introduced controversial legislation in spring 2022 that would compel critical infrastructure operators in five key sectors to comply with sweeping government orders to take actions to protect their cybersecurity.
But the bill has languished for a year and a half with no clear timeline for when the government will push to move it forward following concerns that it would enforce a “high degree of secrecy.”
According to a recent Statistics Canada report, cases of fraud, including identity theft, nearly doubled last year compared to a decade ago and was up four per cent from 2021.
Relatively high proportions of fraud and extortion are reported as cybercrimes, StatCan said.
— with files from The Canadian Press
© 2023 Global News, a division of Corus Entertainment Inc.