Reported ransomware attacks in Calgary fell 41% last year
The number of reported ransomware attacks has declined in Calgary and across the country — but people who document these attacks warn that extortion still drains thousands of dollars from victims.
The Calgary Police Department says that in calendar year 2022, ransomware attacks reported to CPS decreased by 41 percent compared to 2021.
Ransomware is a form of malicious software used by hackers to take control of a victim’s computer or network and demand payment in exchange for decryption.
Last year, 13 ransomware cases were reported to CPS, up from 22 the previous year. However, a police spokesman noted that cybercrime is notoriously underreported.
Ritesh Kotak, a Toronto-based cybersecurity and technology analyst, said people know a lot more about ransomware and are investing more in cybersecurity than they used to, which could be the reason for the lower reported numbers.
“Just think about where we were five years ago compared to today. It is clear that these types of attacks have a huge impact on society. We talk about it all the time,” Kotak said.
“Enterprises are now realizing that recovering from these attacks is very expensive. As a result, companies are becoming more proactive than reactive.
Kotak said there’s a long-standing protocol of not paying for ransomware, which could reduce future extortions.
Canada-wide data shows a decrease in the number of victims
Nationally, revenue from ransomware attacks has increased year-on-year, but the number of reported victims has decreased. According to figures reported to the Canadian Anti-Fraud Center (CAFC), there were 66 ransomware victims in 2022, compared to 104 in 2021.
But despite fewer reported attacks, victims lost more — a total of $474,439 in 2022 and $346,195 the year before, according to data from CAFC.
Jeff Horncastle, Acting Communications and Customer Liaison Officer at the Canadian Anti-Fraud Centre, said a devastating ransomware attack could start from a simple phishing message.
“If we look at 66 victims and almost half a million losses – very costly for ransomware victims,” he said.
He added that people are “absolutely” more aware of ransomware prevention strategies than in the past.
“Education and prevention is the best way to combat this. We need to stay abreast of what techniques scammers are using, what methods they are using because they are going to use technology to their advantage, and we need to know what technology is supposed to be able to protect us from.”
He warned business owners to be wary of unsolicited emails, not replying or clicking on links, having a data backup plan, installing anti-malware software with multi-factor authentication on any network or device, and make regular password changes.
Companies to be targeted
Mandy D’Autremont, vice president of marketing partnerships at the Canadian Federation of Independent Business, said small businesses are paying much more attention to cybersecurity than they used to — and just because fewer attacks are being reported doesn’t mean they’re not out there.
She said that according to data collected by the CFIB, many business owners have received random cyberattack attempts in the last year.
According to D’Autremont, according to data collected by the organization, 27 percent have received targeted attacks very specific to their business.
CFIB has calculated that the damage caused by a ransomware attack to small businesses averages around $26,000.
The Canadian Anti-Fraud Center urges people who believe they may have been the target of a cyberattack to contact the center in addition to their local police force, as it can help link information from across the country for investigators.