Ransomware is “almost certainly the most disruptive form of cybercrime facing Canada” because it’s pervasive and can severely impact an organization’s ability to function, according to a new report from the Canadian Centre for Cyber Security.
However, it’s more likely cybercriminals will target your clients’ industry sectors than the insurance industry in general, suggested the Baseline Cyber Threat Assessment: Cybercrime report, released Monday with support from the RCMP.
An analysis of Canadian ransomware victims in 2022 by sector found that “ransomware has victimized a wide assortment of Canadian organizations with no discernable pattern based on sector.” That said, the manufacturing sector saw 18% of ransomware victims in Canada, followed by business and professional services at 14%.
Insurance Not a Major Target
According to the report, the insurance sector amounted to only 1% of victims.
This finding appears to conflict with an industry source who said during a virtual symposium in April 2022 that cybercriminals are specifically searching for terms like ‘insurance’ when looking for data.
“They will look for search terms like ‘insurance,’ interestingly enough,” said Imran Ahmad, a partner at Norton Rose Fulbright Canada LLP and head of technology/co-chair of data protection, privacy & cybersecurity. “They will look for ‘HR,’ they will look for personal information, customer data and pull that out.”
The Canadian Centre for Cyber Security’s report addressed cybercrime’s early history, the development of the most significant cybercrime tactics, techniques and procedures, and the nature of the global cybercrime threat and its implications for Canada.
The study also concluded:
- Organized cybercrime will very likely pose a threat to Canada’s national security and economic prosperity over the next two years;
- Financially motivated cybercriminals will almost certainly continue to target high-value organizations in critical infrastructure sectors in Canada and around the world over the next two years, and
- Russia and, to a lesser extent, Iran will very likely act as cybercrime safe havens from which cybercriminals based within their borders can operate against Western targets.
For ransomware, cybersecurity reporting indicates ransom payments have increased since 2020, likely driven in part by increasingly significant demands against larger organizations. “The emergence of cyber insurance policies which cover ransomware payments may have implications for the prevalence of ransomware in Canada,” the report said but didn’t elaborate.
But paying a ransom doesn’t guarantee a victim’s systems will be restored, that they will not be targeted again, or even that exfiltrated data will be deleted by the cybercriminal.
One Telus survey of more than 450 Canadian businesses found only 42% of organizations who paid a ransom had their data wholly restored. And some ransomware operators retained backdoor access to victim’s networks following a ransom payment.
Should You Pay the Ransom?
To pay or not to pay a ransom has been a hot debate within the insurance industry. Ahmad said there are three scenarios where a client may want to consider payment:
- Data is encrypted and has a significant operational impact on the organization. If the ransom amount is “reasonable enough,” a company may consider paying;
- You may be able to restore from backups, but the data is really sensitive. The sensitive nature of the data may affect business-to-consumer clients who hold consumer, health or financial data collected in large quantities over multiple years. Clients may have an incentive to pay for the data to be deleted or recovered, even though they may be able to recover it themselves;
- Ahmad said the client has good backups and can restore the data, which is not particularly sensitive but embarrassing. “You certainly don’t want the name of the company or the organization to be out there, so you may be willing to pay a ‘nuisance payment.’”
Expert Advice from The Magnes Group
At the Magnes Group, we do things differently. We deliver the best-personalized insurance coverage and risk management advice with effort and care. We serve businesses and individuals who appreciate quality, precision, and value in a way that many other insurance brokerages can’t or won’t.
As an independent insurance broker, we pride ourselves on providing straightforward, uncomplicated, and honest advice. We treat others as we would like to be treated ourselves. Not to increase market share but because it’s the right thing to do. You can rely on expert advice from the Magnes Group.
"*" indicates required fields
"*" indicates required fields