Ontario and
Quebec hardest hit
provinces
TORONTO, Oct. 13,
2022 /CNW/ -- In recognition of Cybersecurity
Awareness Month, Palo Alto Networks is sharing insights concerning
the ever-present threat that ransomware poses to individuals,
businesses and public institutions across Canada. In 2021, over 140 Canadian
organizations suffered a ransomware attack, according to the 2022
Ransomware Threat Report recently released by Palo Alto Networks
(NASDAQ: PANW), the global cybersecurity leader.
The Palo Alto Networks Unit 42 Threat Intelligence team analyzed
ransomware leak site data to provide insights into more than 56
ransomware groups leveraging multi-extortion techniques.
Multi-extortion is when attackers not only encrypt the files of an
organization but also name and shame the victims and/or threaten to
launch additional attacks to encourage victims to pay. In 2021, the
names and proof of compromise for 2,566 victims were publicly
posted on ransomware leak sites, marking an 85% increase compared
to 2020. The largest number of victims from dark web leak site data
were from the United States
(1,217), followed by Canada (141),
the United Kingdom (133),
France (132), Italy (100) and Germany (100).
Conti, a once-prolific cyber extortion group that Unit 42
followed since 2020, targeted Canadian companies the most heavily
in 2021, responsible for 27.7% of the leak site activity monitored
by Unit 42. LockBit 2.0 was second (14.2%).
"Ransomware gangs have become more emboldened with their attacks
in Canada and around the world,
targeting businesses of all shapes and sizes," said Ivan
Orsanic, regional vice president and Canada country
manager at Palo Alto Networks. "It's not a matter of 'if', but when
organizations will be targeted. Being prepared and having the right
security strategy, policy, and technologies in place is critical to
combatting the latest threats."
In December 2021, the Canadian
government posted an open letter in which similar sentiments were
shared: "Across the world, we have seen a marked rise in the volume
and range of cyber threats — and Canada is no exception." At the time the
Canadian government launched several efforts to help combat this
threat, including the publication of a Ransomware Playbook to
assist organizations with both prevention and response
activities.
Organizations in Ontario and Quebec saw the greatest amount of activity on
leak sites in 2021, with 52 and 45 victims, respectively,
followed by British Columbia with
24 and Alberta with 10.
Twenty-seven different ransomware groups posted details on victims
in Ontario, the most of any
province, followed by Quebec with
12. Unit 42 researchers did not see any leak sites posting breaches
of organizations in Nova Scotia,
Prince Edward Island, Yukon, Northwest
Territories and Nunavut
recorded in 2021.
Manufacturing was the most targeted Canadian industry vertical
by ransomware gangs, accounting for nearly 20% of all attacks,
followed by professional and legal services at just under 20%.
Wholesale and retail as well as construction each accounted for
9.3%, with some of the least targeted industries being education
and transportation at less than one percent.
Globally, Unit 42 incident response case data revealed that the
average ransomware demand rose by 144% in 2021 to US$2.2 million, while the average payment climbed
78% to US$541,010. In addition to the
increase in average ransom demands, Unit 42 researchers also
observed a rise in the use of "victim shaming," where ransomware
groups use leak sites to "name and shame" victims, thereby
increasing pressure on the victim to pay the ransom demand. At
least 35 new ransomware groups, such as Hive, BlackMatter and
BlackCat (ALPHV), threatened to expose data or utilized leak sites
in 2021.
"The ripple effect from these ransomware attacks can drastically
impact services many of us take for granted, whether grocery
shopping, buying gas or obtaining medical care," said Orsanic.
"Combatting these threats is a shared responsibility with
businesses and citizens needing to improve their cyber
hygiene."
- For more information about the 2022 Unit 42 Ransomware Threat
Report, please visit this page.
- To learn more about how Palo Alto Networks Unit 42 helps
Canadian organizations protect against ransomware attacks, please
visit our ransomware investigation page or our ransomware readiness
assessment.
About Palo Alto Networks
Palo Alto Networks is
the world's cybersecurity leader. We innovate to outpace
cyberthreats, so organizations can embrace technology with
confidence. We provide next-gen cybersecurity to thousands of
customers globally, across all sectors. Our best-in-class
cybersecurity platforms and services are backed by industry-leading
threat intelligence and strengthened by state-of-the-art
automation. Whether deploying our products to enable the Zero Trust
Enterprise, responding to a security incident, or partnering to
deliver better security outcomes through a world-class partner
ecosystem, we're committed to helping ensure each day is safer than
the one before. It's what makes us the cybersecurity partner of
choice.
At Palo Alto Networks, we're committed to bringing together the
very best people in service of our mission, so we're also proud to
be the cybersecurity workplace of choice, recognized among
Newsweek's Most Loved Workplaces (2021), Comparably Best Companies
for Diversity (2021), and HRC Best Places for LGBTQ Equality
(2022). For more information,
visit www.paloaltonetworks.com.
About Unit 42
Palo Alto Networks Unit 42 brings
together world-renowned threat researchers, elite incident
responders, and expert security consultants to create an
intelligence-driven, response-ready organization that's passionate
about helping you proactively manage cyber risk. Together, our team
serves as your trusted advisor to help assess and test your
security controls against the right threats, transform your
security strategy with a threat-informed approach, and respond to
incidents in record time so that you get back to business faster.
Visit paloaltonetworks.com/unit42.
For further information, contact press@paloaltonetworks.com
SOURCE Palo Alto Networks, Inc.