Home
Business
A Colonial Pipeline station is seen in Cobb County, Georgia, on May 10, amid a cyberattack that shut the pipeline down.
John Spink / John.Spink@ajc.com / TNS
flag wire: false
flag sponsored: false
article_type: Opinion
pubinfo.section:
cms.site.custom.site_domain : thestar.com
sWebsitePrimaryPublication : publications/toronto_star
bHasMigratedAvatar : true
firstAuthor.avatar : https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/4/bf/41a/4bf41a72-9d1f-11ed-962a-731f98635eec.6456e853912fda7cde5a60abaa0ee692.png?_dc=1683211417
By
David Olive
Star Business Columnist
David Olive Star Business Columnist
One of the most under-reported — and harmful — phenomena in Canada is ransomware attacks.
Recent high-profile ransomware attempts, the most common form of cyberattack, have obscured how pervasive the problem is, and how urgent the need to better guard against it.
It is estimated that in Canada this year there will be such an attack every 11 seconds. Most of them go unreported to law enforcement, and the problem will get worse if that continues.
ARTICLE CONTINUES BELOW
A ransomware attack occurs when cybercriminals install malware in your computer network that encrypts your data so that you no longer have access to it. They then demand a ransom, usually payable in Bitcoin or another cryptocurrency, to “unlock” it.
Until recently, almost all ransomware victims in Canada were small and medium-sized businesses (SME). In fact, a 2019 survey of Canadian SMEs found that every one of them had faced a cyber threat, and 58 per cent reported that their data systems had been breached. (Some leading SME protections against ransomware appear near the end of this article.)
Three major shifts in ransomware activity are now underway.
First, cyber-thieves are raising their sights. They’re targeting bigger enterprises — in the public, private and non-profit sectors — and average ransom demands have skyrocketed, from an average of $5,000 in 2019 to the $82-million ransom paid in 2020 by attack victim United Health Services Inc., one of America’s largest hospital chains.
Second, ransomware attackers are no longer merely encrypting data, but stealing it as well. That way, if the victim refuses to pay the ransom, the attacker can threaten to sell your data on the black market or post it all over the internet.
That, in turn, opens the door to regulatory censure and class-action lawsuits against the victim over its failure to protect sensitive data on customers, suppliers, financial institutions and others with whom it does business. The victim’s data in the wrong hands is not only a problem for the victim, but for countless third parties whose own data, in the victim’s care, has also been compromised.
And third, information technology (IT) systems and operational technology (OT), once segregated, have increasingly been merged for efficiency. IT systems are the backbone of the computer network. OT systems run the network day to day. Merging them enables ransomware attackers to more easily take down an entire enterprise.
ARTICLE CONTINUES BELOW
ARTICLE CONTINUES BELOW
A malware attack, whether you pay the ransom or not, will disrupt your operations for an average of 19 days. Wiping and reloading a single computer, to ensure that all ransomware has been removed, can take three to four hours, and it is likely there is some data you will never recover.
Fortunately, cybersecurity is one of the fastest-growing fields of expertise today.
Agencies like the federal Canadian Centre for Cybersecurity, the FBI, and the growing global network of cyber-detectives to which they belong are developing increasingly effective means of preventing such attacks and resolving them.
That network also includes the leading computer software and hardware makers, who spend billions of dollars each year researching new methods of preventing ransomware and other malware attacks, and the swelling ranks of independent cyber-detectives who protect data systems and restore crippled ones.
But those folks have their work cut out.
An old expression applies here: the police are always one step behind the crooks, who keep finding new ways of doing harm.
At this writing, there already are at least 100 variants of the basic software tools that cyberattackers use.
ARTICLE CONTINUES BELOW
ARTICLE CONTINUES BELOW
And those deploying malware are increasingly targeting basic physical and social infrastructure that provides essential services to millions of people.
The first wave of those large-scale attacks, in 2020 and this year, has shut down hospitals, airports, universities, municipal transit systems, law-enforcement agencies, local and regional governments, and multinational corporations.
Among the highest-profile ransomware victims are America’s largest fuel pipeline (Colonial Pipeline Co.); the world’s biggest meat packer (JBS SA, including its plant in Brooks, Alta., Canada’s largest meat packing facility); CNA Financial Corp., one of the U.S.’s largest insurers; Ireland’s biggest hospital network; and the Washington, D.C. police department.
Closer to home, prominent victims of ransomware attacks include
Humber River Hospital
, the City of Saint John (which paid a $17-million ransom), Vancouver TransLink ($7.5 million), the regional governments of Stratford, Ont., and the Okanagan Valley, and the College of Nurses of Ontario.
With essential infrastructure including electric utilities and power grids now threatened, FBI director Christopher Wray was prompted in congressional testimony this month to equate the ransomware threat with the 9/11 attacks.
Last month, Chris Krebs, the former top cybersecurity official in the U.S. Department of Homeland Security during the Trump administration, told the U.S. Congress that “We are on the cusp of a global digital pandemic, driven by greed, a vulnerable digital ecosystem, and an ever-widening criminal enterprise.”
ARTICLE CONTINUES BELOW
ARTICLE CONTINUES BELOW
Now that ransomware is a national security issue, there is a risk that less attention will be paid to the security needs of SMEs. And they are still under attack. In Canada, there were an estimated 4,000-plus ransomware attacks on SMEs in 2020, with a total cost to victims of as much as $5 billion.
So, it’s imperative that SMEs take steps on their own to protect themselves.
The Canadian Centre for Cyber Security (CCCS) publishes a
must-read guide
for SMEs on protecting from ransomware attacks and how to respond to them. It’s also worth routinely checking CCCS’
home page
for updates on new threats and protective measures.
The recommendations that follow are drawn only from CCCS’ guidance on preventing attacks. As CCCS says, “Ransomware protection is key, because the cost of recovery is too high.”
Hire an IT professional to install a program that automatically patches software and computers. Patches close gaps that let malware get into the system. System users typically ignore or delay prompts to install patches provided by trusted software and hardware suppliers. CCCS reports that in about 40 per cent of cases, data breaches can be traced to unpatched systems. Royal Bank of Canada provides a
checklist
on what a small business should look for in a cybersecurity IT provider.
Train employees in “cyber hygiene” and prevention. That includes not opening suspicious emails, not clicking on pop-ups, and avoiding dubious websites. They all can, and usually do, ravenously collect proprietary data (phishing) and install malware, including ransomware.
Data must be backed up daily or, for an SME, at least every few weeks. And that data backup storage must be disconnected from the network, or it too could be compromised.
Finally, remove administrator rights from computers. All computers ship with full permissions rights to install software, a gateway to users inadvertently installing ransomware and other malware. Permissions must be removed from computers before they are assigned to users, so that only IT staff and outside IT contractors have administrative rights.
Be well. And stay safe from COVID-19 and malware, infections that spread like wildfire.
Opinion articles are based on the author’s interpretations and judgments of facts, data and events.
More details
David Olive is a Toronto-based business columnist for the
Star.
Report an error
Journalistic Standards
About The Star
Trending
Real Estate
A renovated semi-detached house in Toronto just sold for under $700,000. What does that say about the market?
7 hrs ago
Comments
Gta
‘He won’t be the last,’ warns Ontario mom whose boy was taken by children’s aid — only to die in the basement of the women charged with his care
7 hrs ago
Comments
20 years in isolation
This Ontario psychiatric hospital locks some patients up alone for years at a time. Why Waypoint’s ‘abusive’ use of seclusion doesn’t happen in the U.S.
7 hrs ago
Comments
Gta
5-year sentence for ‘violent recidivist’ who broke into 61-year-old Toronto woman’s home, climbed into bed with her naked
7 hrs ago
Comments
Personal Finance
Thinking of renovating? Here are the costly upgrades that won’t pay off — and the simple ones that will
2 hrs ago
Comments
United States
Rudy Giuliani hospitalized in critical condition, his spokesman says
13 hrs ago
Federal Politics
The contest is nearly over to provide Canada’s next submarines
32 mins ago
Comments
Gta
North York fatal shooting victim and murder suspect identified by Toronto police
3 hrs ago
Comments
More from The Star & partners
More News
Ontario
41 years in the mines. Terminal cancer. And a hard choice to keep working. What his story and new data reveal about the costs of Ontario’s mining boom
Article was updated
12 mins ago
Comments
United States
Endangered whale protections may be delayed to 2035 under Trump-blacked plan
28 mins ago
United States
Rudy Giuliani is breathing on his own while hospitalized with pneumonia, spokesperson says
Article was updated
2 mins ago
Canada
Mock beheading of Quebec labour minister at May Day protest draws outrage
Article was updated
34 mins ago
Comments
Canada
One arrested after unauthorized aircraft access at Vancouver airport
46 mins ago
Comments
Federal Politics
Auditor general reports on avian flu vaccines, First Nations funding
Article was updated
47 mins ago
Comments