World News

Survey Finds 9 Percent Increase in Cyberattacks Against Canadian Businesses Since 2023


Nearly three-quarters of small and medium-sized Canadian businesses (72 percent) say they were attacked by cybercriminals in the past year—up 9 percent since 2023, according to a newly released survey.

The survey of 735 businesses conducted by KPMG found that 67 percent had paid a ransom to cybercriminals in the last three years, up from 60 percent a year ago.

Hartaj Nijjar, a partner with KPMG’s cyber risk services, said in an Oct. 31 release that the figures show a “rapid escalation” in the frequency and complexity of cyberattacks against Canadian businesses.

Nijjar said many companies are not taking a strategic approach to manage these risks, and consider cybersecurity to be a “tick-box in staff training.”

The survey found 69 percent of businesses reported having insufficient financial resources to invest in cyber defences, 70 percent lack the skilled personnel to monitor cybersecurity attacks, and 66 percent of those polled said their company does not have a plan to address potential ransomware attacks.

“They may not realize that investing more upfront for cybersecurity defences is less costly in the long run, especially if they are a victim of a ransomware attack,” Nijjar said.

Generative artificial intelligence (AI) is also seen as a risk to businesses, with 75 percent of those surveyed saying they worry cybercriminals will use the technology for cybersecurity breaches.

The survey comes a day after the federal government’s Communications Security Establishment (CSE) released its annual national cyber threat assessment. The National Cyber Threat Assessment 2025-2026 warned that Canada’s state adversaries are using cyber operations to “disrupt and divide,” with the aims of supporting military objectives or using information campaigns to shape public opinion.

The report said China poses the “most comprehensive cyber security threat facing Canada today,” with Beijing using espionage, intellectual property theft, and malign influence to attack Canada. The report said its cyber program’s “scale, tradecraft, and ambitions” are “second to none.”

Russia and Iran were also cited as threats to Canada, with Moscow viewing the country as a “valuable espionage target for Russian state-sponsored cyber threat actors, including through supply chain compromises,” and Tehran showing an increasing willingness to engage in disruptive cyber attacks beyond the Middle East.

The report said that the business model of “cybercrime-as-a-service,” which it defines as online marketplaces where cybercriminals sell stolen and leaked data and malicious tools, is growing in popularity.

“This has almost certainly enabled a growing number of actors with a range of capabilities and expertise to carry out cybercrime attacks and evade law enforcement detection,” the report added.

Canada’s critical infrastructure is increasingly vulnerable to ransomware, which can be used to disrupt critical infrastructure entities’ ability to deliver critical services, according to the report. It added that over the net two years, ransomware actors will escalate their extortion tactics to “increase pressure on victims to pay ransoms and evade law enforcement detection.”



Source link

TruthUSA

I'm TruthUSA, the author behind TruthUSA News Hub located at https://truthusa.us/. With our One Story at a Time," my aim is to provide you with unbiased and comprehensive news coverage. I dive deep into the latest happenings in the US and global events, and bring you objective stories sourced from reputable sources. My goal is to keep you informed and enlightened, ensuring you have access to the truth. Stay tuned to TruthUSA News Hub to discover the reality behind the headlines and gain a well-rounded perspective on the world.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.