Ransomware attacks have been increasing globally over the years, and thousands of companies around the world have been affected as a result. Ransomware attacks, also known as Cyber-attacks, occur when a company’s online systems are hacked, taken over and locked unless a large ransom is paid.
Since the global pandemic has struck early last year, the FBI reported a 300% increase in cybercrime. This rise can be attributed to hackers taking advantage of increased online activity of knowledge employees while they are working from home. This current scenario represents a great opportunity for hackers. Remote workers have in fact accounted for a security breach in 20% of organizations. Phishing scams on the rise amongst the pandemic have included links asking for donations, as well as emails from professional-looking addresses luring individuals to open attachments which then implant malicious programs on the victim’s computer. Ransomware can also start through “drive-by” downloading, which happens when a user visits an infected website, and malware is downloaded into the user’s drive unknowingly.
The world’s largest ransomware attack to date has just recently occurred, and Canada was lucky to avoid any big hits. This month, Kaseya, a Florida-based Information Technology company, was hit with a ransomware attack that affected companies in 17 different countries, including the U.K., Sweden and Mexico. The company was hacked by a Russian-based gang who call themselves “REvil”, who somehow maneuvered their way into the IT company’s seemingly secure system. Experts said that this has been the most sophisticated cyber-attack the world has seen.
Kaseya’s customers include hundreds of businesses internationally that are too small to have their own IT department, hence they outsource their security systems from the technology provider. The impact of this unfortunate ransomware attack was felt globally. In Sweden, at least 800 Supermarkets that used Kaseya had to close their cash registers for three days. In New Zealand, many schools had to remain offline while their security systems was looked into.
Why should Canadian companies care?
Thankfully, no Canadian companies have been yet said to be affected by Kaseya’s attack.
However, the impact that may be felt on Canada’s economy isn’t fully known yet. V. Gupta, BDO partner and cybersecurity expert expressed concerns that “Kaseya provides a critical piece of infrastructure that a lot of organizations leverage, especially in Canada,” he said. “The number [affected] could certainly grow … the impact is still not fully known” The consequences of this attack could lead to large losses for the Canadian economy, specifically for small and medium-sized businesses who outsourced their IT software from Kaseya.
This is not going to be the last ransomware attack that affects the world globally. Companies now more than ever have the responsibility of taking extra precautionary measures when choosing to outsource any software. The Canadian government may start implementing regulations for any companies outsourcing such software to remain in full compliance and safety. In the meantime, Canadian companies need to take extra steps to educate employees on how to avoid these phishing scams.
by Joanna Ambros, MBA