More Canadian organizations are reporting damage to their reputation because of cyberattacks in general. Almost one in five organizations cite it as an impact related to cyberattacks in the past 12 months—an increase from just six per cent back in 2018. Given the fear of negative headlines and damaged trust with customers and employees, it’s understandable why many organizations are choosing to quietly log on to a crypto exchange to pay off hackers when given the option.
Ransomware attacks have impacted hundreds of Canadian businesses and critical infrastructure providers over the last two years, and the problem is only going to get worse in the months ahead, according to CCCS. And considering that the alternative to paying up is even worse, you can bet that ransomware outfits will continue to profit. So what’s the solution? One way or the other, government needs to take action to change the economics around ransomware.
On one side of the equation, government action could make it more difficult to run a ransomware operation. Right now, ransomware groups are tolerated by certain countries that see a strategic advantage to allying with them. The CCCS points to examples of Russia and North Korea.
For Canada, which isn’t cozying up with any ransomware groups, it may have to look at the other side of the equation and give victims a reason to think twice about paying an extortion fee. Almost two-thirds of cybersecurity professionals support legislation that would prohibit ransom payments, according to CIRA’s survey. Only seven per cent say they oppose the idea, with 22 per cent saying they neither support nor oppose it.
Of course, if the government doesn’t know about a ransom payment, it can’t enforce a law against it. That’s why if governments are going to consider using the stick to deter victims from paying up, they’ll also have to dangle a carrot to motivate them to do the right thing.
That’s the approach recommended by a ransomware task force group (members include the RCMP’s National Cyber Crime Coordination Unit) assembled by the U.S.-based Institute for Security and Technology, reports IT World Canada. Among their recommendations are suggestions to create Cyber Response and Recovery Funds to support victims and require them to consider alternatives to forking over bitcoin. At a minimum, organizations should be reviewing the free decryption tools provided by No More Ransomware, a partnership between industry and international law enforcement.
If the government is going to succeed in deterring ransomware payments, it will also need to have the stomach for the resulting fallout — an angered group of hackers that aren’t getting their payday, and the potential of critical infrastructure at their mercy. Will the Government of Canada take the bold action needed to help curb the threat of ransomware?
In the next blog post, we’ll explore how ransomware payments are playing a role in making cybersecurity insurance more expensive.