What percentage of Canadian businesses affected by ransomware pay the full demand?

New report reveals that Canadian companies are now more vulnerable to this threat

What percentage of Canadian businesses affected by ransomware pay the full demand?

Canadian companies are not just becoming more vulnerable to the threat of ransomware, but are increasingly desperate to pay off the ransom demands to free their computer systems, a new report from Canadian IT company NOVIPRO has found.

NOVIPRO’s sixth annual “IT Portrait of Canadian Businesses,” produced in collaboration with Leger, found that more than half (56%) of organizations targeted by ransomware have paid the full amounts requested by the threat actors responsible. Of those that paid, 33% worked with a negotiator, while 23% paid the ransom without help from an intermediary.

Notably, the study revealed that 53% of companies said that their employees are their largest source of cyber threats. Among those who indicated this, 31% said the cyberattacks were motivated by malicious intent, while 22% said an employee unintentionally triggered a cyberattack.

The report noted that most of the companies surveyed (60%) have sensitive customer data such as credit card numbers, social insurance numbers, and so on. Nearly a third (28%) of the companies also indicated that they value their information assets at over $1 million.

The rise in popularity of the hybrid work model has also raised cybersecurity concerns among Canadian businesses, NOVIPRO said. Some 43% of respondents said that they are more concerned about a breach since the introduction of hybrid work. This has prompted 73% of organizations to assess their cybersecurity practices, such as through employee training (32%), developing a telecommuting policy (31%), or investing in software (29%), among other measures.

"As an entrepreneur, I am very concerned that so many organizations are paying a ransom," said NOVIPRO co-founder and CEO Yves Paquette.

Paquette advised that companies need to be more proactive in mitigating cyberattacks if they want to limit the impact of malware on themselves and their customers.

“If organizations invested even a fraction of the potential cost of an attack, they could easily put systems in place to guard against such fraud,” the chief executive added.

Read more: Cyber hackers set sights on critical infrastructure providers – report

A previous report released by the Communication Security Establishment’s (CSE) Canadian Centre for Cyber Security in December found that of the 235 recorded ransomware attacks against Canadian companies in 2021, more than half were targeted at critical infrastructure providers – these include businesses involved in energy, healthcare, and manufacturing.

Recent articles & video

Mounting threats to gender-based rights a theme at LEAF’s annual Equality Day reception

Ontario Court of Appeal clarifies insurance coverage rule for passengers of stolen vehicles

Top Personal Injury Boutiques for 2023 unveiled by Canadian Lawyer

Lega unveils LLM governance platform to jumpstart law firms' AI journey

Cassels reimagines office design, replaces ‘old partner’ setup with ‘equality of access’ to daylight

Report calls for federal framework to implement Canada’s international human rights obligations

Most Read Articles

Cassels reimagines office design, replaces ‘old partner’ setup with ‘equality of access’ to daylight

SCC finds company committed abusive tax avoidance in case dealing with general anti-avoidance rule

The Law Society of Ontario governing coalition will face serious challenges

For AI, intellectual property must now reward and incentivize creativity and inventiveness: lawyer