As an entrepreneur, should you be concerned about cyber threats? Absolutely, say the specialists.
• Read also – Cyberattack against STO: affected customers
• See Also – Fraudulent email campaign targets Laval School Service Center.
“No one is immune,” says François Daigle, OKIOK’s vice president of professional services. All companies are potential targets, especially for ransomware. This is the current plague. As soon as the attackers identify a target, they blow it up. “
Mr. Daigle reports that his firm has been called in for dozens of incidents each week since the start of the pandemic. “Attacking companies has become a business,” he continues. Forget the talented teenager in the family basement – the attackers are teams of experts working full time to find loopholes by scanning the internet and using specialized tools. ”
They resell these dark web flaws to other teams who will exploit them by encrypting or exfiltrating the data without anyone noticing. They will sell the fruits of their labor to professional scammers who organize the ransoms. The dark web is a parallel network to the traditional web, accessible only through specific software, configurations or protocols.
Specifically: By the time you receive such a request, your systems have been infiltrating for weeks, if not months. Attackers take an average of 180 days to infiltrate, analyze data, take control of mailboxes, attempt to infect customers and partners, gain administrative access to disable or encrypt backups and defense systems. All this, neither seen nor known.
“The threat is such that many companies have been fortunate enough to survive without going bankrupt,” continues Daigle.
“Before, hackers only stole confidential information, such as payment card numbers or medical information; now, the ransom attacks are aimed at blocking the operations of an organization ”, analyzes Guillaume Caron, CEO of VARS, the cybersecurity division of Raymond Chabot Grant Thornton.
“Today, 95% of cybersecurity incidents come from phishing: an employee clicks on a link received by email, allowing the cybercriminal to execute malware that will give them full control of their computing environment. “
In addition to ransomware cyberattacks, there is the theft of information, time, documents or industrial espionage, often carried out by frustrated employees.
How to protect yourself? Focusing on very simple defense techniques:
- Inform employees every month about good security practices.
- Do not reply to emails that are unsolicited or whose source is difficult to verify.
- Change passwords regularly
- Questioning the usefulness of USB drives
- Never use the employer’s email addresses or computers for personal use (especially for children)
Most importantly, hire specialists to conduct a cybersecurity assessment or audit (including penetration testing) and perhaps offer awareness activities.
Does that cost expensive? We are talking about tens of thousands of dollars for an SME. Certainly less than a ransom! In fact, Canadian companies invested the equivalent of 1% of their total revenue in this area in 2019, according to Statistics Canada.
Ransom demands are on the rise
The number and severity of attacks are increasing around the world. A 2019 Emsisoft report reports more than 452,000 ransom demands identified by the ID Ransomware service, including 4,689 in Canada alone, at an estimated cost of $ 331.2 million. Losses (including paid ransoms and computer downtime) exceeded $ 2.2 billion.
Statistics Canada estimated in 2020 that 21% of Canadian companies had been affected by a cyberattack, of which 18% are SMEs with 10 to 49 employees and 29% are SMEs with 50 to 249 employees. Those who reported the attack to police said they spent an average of $ 27,000 to recover.
Average ransom demand increased 33% in just a few months, reaching $ 257,756 in December 2019, states the Canadian Center for Cybersecurity. And hackers can demand much more. “In October 2019, a Canadian insurance company paid $ 1.3 million to recover 20 servers and 1,000 workstations,” says the Center, adding that a growing number of ransomware operators will disclose data on their victims to punish the refusal of payment.