Site icon IT World Canada

Ransomware the top attack type in Canada last year: IBM report

Ransomware background

Source: undefined | Getty Images

Ransomware accounted for nearly 60 per cent of attacks on Canadian IBM customers last year, according to an analysis by the tech giant.

The figure comes from IBM’s X-Force cybersecurity unit’s annual Threat Intelligence Index for 2020.

The report states that ransomware was by far the top attack type in Canada, making up 57 per cent of attacks where the attack type was known. By comparison globally, only one in four attacks observed last year was ransomware.

Ray Boisvert, an IBM security partner, says the success of ransomware group’s turn to double extortion — where attackers threaten to embarrass victim companies with the release of stolen data in addition to encrypting data — is a critical factor.

IBM estimates the Sodinokibi group made US$123 million globally with this tactic, with approximately two-thirds of its victims paying a ransom.

“We see a lot more targeted attacks than blanket ransomware,” Boisvert added.

Other Canadian data cited in the Threat Intelligence Index for 2020

 

The report also highlights that the increasing number of people working from home meant threat actors could count on cyber defences being lower than those behind corporate firewalls. The quick shift by many organizations to cloud-based solutions opened several vulnerable doors.

Boisvert says it’s worth paying attention to the report’s note about cybercriminals investing more in malware that can run on clouds. For example, malware using the Go language increased by 500 per cent increase in the first six months of 2020, and Linux-related malware families grew 40 per cent. Using open-source malware improves attackers’ profit margins, the report adds.

One surprising finding: For the first time in years, the most successful way victim environments were accessed overall last year was scanning and exploiting for vulnerabilities (35 per cent), surpassing phishing (31 per cent).

The report also breaks down numbers by geographies and industries.

Among the recommendations for better preparing for cyber threats, the report says CISOs should:

 

The report is available here. Registration required.
Exit mobile version