PHOTO: Sunny Handa is a partner at Blake, Cassels & Graydon LLP and leader of the firm’s technology group
The third annual Blakes Canadian Cybersecurity Trends Study found a rising number of security breaches with the most attacks in Ontario, and the leader of the firm’s technology group, Sunny Handa, says the attacks are more sophisticated with higher ransoms.
Since the COVID-19 crisis forced many businesses to adapt to a remote work environment, the risk of cyberattacks has risen. The study found that 50 percent of cyber security incidents occurred in Ontario because the province has the largest population and business concentration in the country.
“Everyone will get hit eventually,” Handa says. “How bad it will be will depend on how much work companies have done to protect themselves.”
The study found that 55 percent of cyber breaches were ransomware attacks and 25 percent of ransom payments exceeded US$1million. “More threat actors have emerged this year and are vicious in certain ways,” Handa says. “The bad guys are organized. It’s almost as if they’re operating as a business. They’re saying it’s nothing personal, and we must do this to you.”
The study also found that 83 percent of companies hit with a cybersecurity incident did not report it to law enforcement and unpatched software vulnerabilities caused 34 percent of cybersecurity incidents.
“Once data is digital, people store it in different places and keep old data lying around making it dangerous because the threat actor makes a copy when a company is hacked, and data gets stolen,” Handa says.
Cyber breaches are not an intellectual property issue but an enterprise risk problem, and it is frustrating to spend most of the time dealing with a cyber crisis after a ransomware attack instead of prevention, Handa says. “It is not just the IT department. It is the board, your CEO, CFO, general counsel or chief legal officer.”
The study found that threat actors continue to approach ransomware as a service and are moving to a licensing model to increase revenues. In addition, hackers post fragments of stolen data online and set a doomsday clock that counts down to the publication of the entire data set.
He says that organizations must protect themselves and allocate human resources within the company to work with consultants and professionals to help minimize their vulnerability footprint. “They need to be trained and taught that this can happen and that this is how bad it will be.”
He says centralizing data is crucial to protect cyber information better because companies often investigate a security breach only after it is realized. However, as companies become more sophisticated in the digital world, he says businesses recognize they do not need to hold on to all data indefinitely.
Handa says lawyers have stepped into the role of cyber breach coaches because data and privacy laws continue to evolve with cyber threats and companies need to comply.