Ransomware is a type of malicious software that is specifically designed to block systems or files until a victim—typically a company or high-ranking professional—has paid a sum of money to regain access. These types of attacks can be costly, sometimes averaging up to $50,000.
According to the recent report, the State of Ransomware, by malware remediation company Malwarebytes, Canadian businesses were among those most likely to pay ransomware demands. Additionally, the report, which examined 5,400 IT staff across Canada, the United States, the United Kingdom and Germany, showed that Canadian businesses ranked among the highest for lost revenue and business interruption following an attack.
In total, around 75 per cent of Canadian businesses admitted that they would pay an attacker to regain access to key systems and functionality. Other interesting findings from the report included the following:
- Ransomware can impact more than the original infected system or file. In the report, Canada ranked the highest for ransomware penetration, as close to half of attacks affected 26 per cent or more of a company’s extended network.
- Executives and senior-level staff are typically the targets of ransomware schemes.
- On average, ransomware attacks in Canada were twice as expensive as those in the United States.
- Business applications were found to be the most common vulnerability to ransomware in Canada. While email attacks are common in other countries, Canada’s strict anti-spam laws could be contributing to the lower number of email attacks.
- Despite Canada ranking poorly in terms of business interruption and overall cost as it relates to the impact of ransomware attacks, 51 per cent of surveyed businesses claimed they were confident in their ability to stop an attack.
- Health care and financial services were found to be the most common industry targets for ransomware attacks.
Ransomware attacks are a serious concern—one that continues to impact Canadian businesses. In the past year alone, more than one-third of security attacks in Canada were ransomware-related. To protect themselves from this ongoing threat, organizations should consider having a risk assessment done to determine and remediate potentially vulnerabilities.
© Zywave, Inc. All rights reserved