More than half of the known ransomware victims in Canada this year were critical infrastructure providers, according to a new threat assessment from Canada’s cyber spies — and the number is likely even higher.
As part of a new awareness campaign, the Communications Security Establishment (CSE), Canada’s foreign signals intelligence agency, released a ransomware bulletin Monday looking at the key trends of ransomware in 2021.
In its report, CSE’s Cyber Centre said ransomware attacks are “brazen, sophisticated, increasing in frequency, and, for the cybercriminals, very profitable.
“The impact of ransomware can be devastating, and the severity of the financial consequences related to a ransomware attack can be profound.”
For the first time, the agency also confirmed publicly Monday that it has used its new cyber attack powers, granted to it through legislation back in 2019.
“The Communications Security Establishment Act gives CSE the legal authority to conduct cyber operations to disrupt foreign-based threats to Canada, including cybercriminals,” said CSE spokesperson Evan Koronewski.
“Although we cannot comment on our use of foreign cyber operations (active and defensive cyber operations) or provide operational statistics, we can confirm we have the tools we need to impose a cost on the people behind these kinds of incidents.
“We can also confirm we are using these tools for such purposes, and working together with Canadian law enforcement where appropriate against cybercrime.”
Ransomware is a form of malware used by threat actors and criminals who encrypt files on a device then demand a ransom in exchange for decryption. Once successfully hacked, ransomware victims are often attacked multiple times.
CSE said it’s aware of 235 ransomware incidents against Canadian victims from Jan. 1 to Nov. 16 of this year and more than half of those targets were critical infrastructure providers, including those in the energy, health and manufacturing sectors.
The number is likely higher, as the agency said most ransomware events go unreported.
“The COVID-19 pandemic has made organizations like hospitals, governments and universities more mindful of the risks tied to losing access to their networks and often feeling resigned to pay ransoms,” notes the report.
“Cybercriminals have taken advantage of this situation by significantly increasing the value of their ransom demands.”
Canadian hospitals hit
Newfoundland and Labrador is still reeling after a cyber attack hit its health-care system, cancelling thousands of medical procedures ranging from chemotherapy to X-rays.
Sources have told CBC the security breach is a ransomware attack, but so far government officials have not confirmed the nature of the cyberattack and will not say if they have received a ransom demand.
A customer pumps gas at Costco as others wait in line on May 11, 2021, in Charlotte, N.C. Earlier this year the Colonial Pipeline, the largest fuel pipeline in the U.S., was hit by a cyber attack attributed to the Russia-based DarkSide RaaS cybercriminal group. (Chris Carlson/The Associated Press)
Staff were unable to access electronic patient records and diagnostic test results leading to long waits in the emergency department and prompting the hospital to cancel clinics and redirect some ambulances to other hospitals.
CSE said it expects high-impact targeting to continue.
“We assess that ransomware operators will almost certainly continue to target large organizations with operational technology (OT) assets, including organizations in Canada, to try to extract ransom, steal intellectual property and proprietary business information, and obtain personal data about customers,” it warned.
Canada is far from alone. This year has been marred by the highest ransoms and the biggest payouts around the world.
Earlier this year the Colonial Pipeline, the largest fuel pipeline in the U.S., was hit by an attack attributed to the Russia-based DarkSide RaaS cybercriminal group.
As a result, the company’s operations were affected, resulting in record price increases, panic-buying, and gasoline shortages
Ransomware operators will likely become increasingly aggressive: CSE
In Canada, CSE said the estimated average cost of a data breach, which includes but is not limited to ransomware, is more than $6 million. The average price has stabilized over the past years, a trend CSE attributes to cybercriminals becoming better at tailoring their demands to what their victims are most likely to pay.
Ransomware operators will likely become increasingly aggressive in their targeting in 2022, including against critical infrastructure, warned the agency.
Part of the problem fighting ransomware is that many operators and their affiliates are based in countries with lax or non-existent laws against cybercrime, said CSE.
Ransomware operators will likely become increasingly aggressive in their targeting in 2022, including against critical infrastructure, warns CSE. (PabloLagarto/Shutterstock)
“Mitigating the increasing risks will require concerted national efforts to improve cyber security and adopt best practices to harden critical systems, as well as co-ordinated international actions to undermine criminal infrastructure and tactics,” said the report.
As part of that effort, CSE, working with the RCMP, has published what they call a “playbook” that outlines steps organizations and businesses can take to protect against ransomware, and what to do if attacked.
Organizations urged to implement cyber safety measures
A handful of cabinet ministers have signed an open letter to Canadian organizations urging them to implement basic cyber security measures.
The letter, co-signed by Defence Minister Anita Anand, Emergency Preparedness Minister Bill Blair, Public Safety Minister Marco Mendicino and International Trade Minister Mary Ng, said the federal government is working with its allies to pursue cyber threat actors and disrupt their capabilities.
“We are also assisting in the recovery of organizations compromised by ransomware and helping them to be more resilient going forward,” they wrote.
“Our message is clear: taking basic steps to ensure your organization’s cyber security will pay swift dividends.”
TORONTO – Roots Corp. may have built its brand on all things comfy and cosy, but its CEO says activewear is now “really becoming a core part” of the brand.
The category, which at Roots spans leggings, tracksuits, sports bras and bike shorts, has seen such sustained double-digit growth that Meghan Roach plans to make it a key part of the business’ future.
“It’s an area … you will see us continue to expand upon,” she told analysts on a Friday call.
The Toronto-based retailer’s push into activewear has taken shape over many years and included several turns as the official designer and supplier of Team Canada’s Olympic uniform.
But consumers have had plenty of choice when it comes to workout gear and other apparel suited to their sporting needs. On top of the slew of athletic brands like Nike and Adidas, shoppers have also gravitated toward Lululemon Athletica Inc., Alo and Vuori, ramping up competition in the activewear category.
Roach feels Roots’ toehold in the category stems from the fit, feel and following its merchandise has cultivated.
“Our product really resonates with (shoppers) because you can wear it through multiple different use cases and occasions,” she said.
“We’ve been seeing customers come back again and again for some of these core products in our activewear collection.”
Her remarks came the same day as Roots revealed it lost $5.2 million in its latest quarter compared with a loss of $5.3 million in the same quarter last year.
The company said the second-quarter loss amounted to 13 cents per diluted share for the quarter ended Aug. 3, the same as a year earlier.
In presenting the results, Roach reminded analysts that the first half of the year is usually “seasonally small,” representing just 30 per cent of the company’s annual sales.
Sales for the second quarter totalled $47.7 million, down from $49.4 million in the same quarter last year.
The move lower came as direct-to-consumer sales amounted to $36.4 million, down from $37.1 million a year earlier, as comparable sales edged down 0.2 per cent.
The numbers reflect the fact that Roots continued to grapple with inventory challenges in the company’s Cooper fleece line that first cropped up in its previous quarter.
Roots recently began to use artificial intelligence to assist with daily inventory replenishments and said more tools helping with allocation will go live in the next quarter.
Beyond that time period, the company intends to keep exploring AI and renovate more of its stores.
It will also re-evaluate its design ranks.
Roots announced Friday that chief product officer Karuna Scheinfeld has stepped down.
Rather than fill the role, the company plans to hire senior level design talent with international experience in the outdoor and activewear sectors who will take on tasks previously done by the chief product officer.
This report by The Canadian Press was first published Sept. 13, 2024.
VANCOUVER – Mediated talks between the union representing HandyDART workers in Metro Vancouver and its employer, Transdev, are set to resume today as a strike that has stopped most services drags into a second week.
No timeline has been set for the length of the negotiations, but Joe McCann, president of the Amalgamated Transit Union Local 1724, says they are willing to stay there as long as it takes, even if talks drag on all night.
About 600 employees of the door-to-door transit service for people unable to navigate the conventional transit system have been on strike since last Tuesday, pausing service for all but essential medical trips.
Hundreds of drivers rallied outside TransLink’s head office earlier this week, calling for the transportation provider to intervene in the dispute with Transdev, which was contracted to oversee HandyDART service.
Transdev said earlier this week that it will provide a reply to the union’s latest proposal on Thursday.
A statement from the company said it “strongly believes” that their employees deserve fair wages, and that a fair contract “must balance the needs of their employees, clients and taxpayers.”
This report by The Canadian Press was first published Sept. 12, 2024.
MONTREAL – Travel company Transat AT Inc. reported a loss in its latest quarter compared with a profit a year earlier as its revenue edged lower.
The parent company of Air Transat says it lost $39.9 million or $1.03 per diluted share in its quarter ended July 31.
The result compared with a profit of $57.3 million or $1.49 per diluted share a year earlier.
Revenue in what was the company’s third quarter totalled $736.2 million, down from $746.3 million in the same quarter last year.
On an adjusted basis, Transat says it lost $1.10 per share in its latest quarter compared with an adjusted profit of $1.10 per share a year earlier.
Transat chief executive Annick Guérard says demand for leisure travel remains healthy, as evidenced by higher traffic, but consumers are increasingly price conscious given the current economic uncertainty.
This report by The Canadian Press was first published Sept. 12, 2024.
