In September 2020, The Government of Canada released a bulletin titled “Modern Ransomware and Its Evolution” alerting SMB’s across the nation of a drastic increase in external attempts to extort and withhold critical data / infrastructure from a diverse set of local industries. The ten-page document highlights the evolution of ransomware and the threat it poses on the business community.
Ransomware is defined as “a form of malware that uses encryption to disrupt information technology (IT) systems, typically to impede organizational functions that depend on having unfettered access to data”.
- In 2019 The City of Woodstock, ON incurred over $660,000 in damages after refusing to pay its attackers.
- Ransomware researchers estimate that the average ransom demand increased by 33% since Q4 2019 to $111,605 in Q1 2020
The result being a demand of electronic payment to decrypt data and restore business services. A common misconception of Canadian SMB’s is believing a hacker would not target their business as they believe they are “Too Small”, we are witnessing the exact opposite to hold true in the marketplace.
Hackers are using methods called phishing attacks, a tactic where every door, window and access point is checked for vulnerability to see if one can easily be opened. SMB’s leave themselves vulnerable to these attacks due to but not limited to:
- Lack of I.T related safety infrastructure (Business Class Servers, Firewalls, Data Backups, Etc.)
- Absence of completed Network Vulnerability Scans or Network Assessments
- Insufficient Internal / External IT Support
In the bulletin, it was noted that Canada ranks among the top countries impacted by ransomware. Nine different key ransomware variants and operations were highlighted and while ransomware has appeared since 1989, it was not until 2013 when Russian cybercriminal Evgeniy Bogachev introduced “CryptoLocker” that IT ransomware concerns were brought to the forefront of SMB’s around the globe.
Now, you might be wondering what you can do to keep your business secure in the long-term?
- Be proactive, don’t bluff off this reading or the latest ransomware attack and think “that would never happen to us!”
- Investigate the last time you conducted an audit of your network security. If you outsource your IT operations, ask them for a detailed report along with an executive summary of your current infrastructure and assets.
Empower yourself and your business, do not be afraid to ask the tough questions and be curious!
Advanced Office Solutions (AOS) is invested in the success of our business communities, we aim to educate our client base on where their investment of time and dollars are being spent. We believe in a Relational vs. Transactional approach with our customers to ensure the proper layers of support are in place. The investment in your IT infrastructure should yield visible success, return and increased peace of mind.
For additional information please contact:
Full Link to the Government of Canada Bulletin: https://cyber.gc.ca/en/guidance/cyber-threat-bulletin-modern-ransomware-and-its-evolution