It's time for companies to double down on cybersecurity measures as ransomware attacks rise, say experts

Experts say it's time for Canadian companies and organizations to double down on cybersecurity measures as they're seeing an increase in ransomware attacks and other cyber incidents across the country.

On Thursday, the Alberta Dental Service Corporation announced it fell victim to a ransomware attack from May to July which compromised the personal information of nearly 1.5 million Albertans — including around 7,300 seniors whose banking information was implicated.

This comes as Suncor is still recovering from a major cyber incident in late June, which led to a data breach of Petro-Canada's points system (though it's unclear if it was ransomware).

• Get the news you need without restrictions. Download our free CBC News App.

Ritesh Kotak, a cybersecurity technology analyst, says ransomware attacks — where hackers threaten to publish sensitive data or block access to it until a ransom is paid — are happening more frequently across the country.

"We're seeing more and more ransomware attacks coast to coast to coast, impacting all industries from the medical field to agriculture to retail, and this is having devastating impacts," said Kotak.

"You can't access your information, your computer systems are locked and you don't know what type of information has potentially been exposed to hackers that could then now be available on the dark web for sale."

He says it's becoming easier for hackers to get into accounts as many devices are connected to each other nowadays, and that these attacks are getting more sophisticated.

Organizations with sensitive information, like medical records, could be especially targeted by hackers "because they believe that they're more likely to pay the ransom and individuals wouldn't want that type of information being sold," said Kotak.

Kotak says he always advises against paying the ransom because it doesn't guarantee the affected company will get the decryption key or that the data won't be resold.

Ransomware attacks are underreported

In February, Calgary Police Service said they recorded a 41 per cent drop in reported ransomware attacks from 2021 to 2022.

But John Zabiuk, chair of the cybersecurity program at Northern Alberta Institute of Technology (NAIT), says the numbers do not capture the whole story.

"They're only increasing. They are not slowing down. They're getting more sophisticated, they're getting more difficult to detect and they're getting smarter. I would not say we're seeing a decrease."

Zabiuk says ransomware attacks are notoriously underreported, which explains the gap — and that's where customers who have been affected can step in.

"If you think that your account has been compromised, if you think that somebody is scamming you, report it to the police," said Zabiuk.

"You may not be able to get your data back, but it's important for our authorities to know this and understand how many people are actually getting attacked."

What companies and affected citizens can do

When it comes to cybersecurity, Kotak says a big issue is most organizations are reactive and not proactive.

He says companies should hire cybersecurity experts to continually ensure their systems are safe from cyber attacks, as well as conduct regular third party audits to prevent cyber incidents.

"In the long run it will protect the data, it will give your customers confidence that the proper measures are in place and if you are to be victimized by a breach, you at least have these policies in place."

Kotak also suggests conducting cyber drills — similar to fire drills, but so members of the company know what to do if a cybersecurity emergency should arise.

Back at NAIT, Zabiuk says security measures are expensive, but the cost of cyber attacks, and the cost to an  organization's reputation, could be worse.

"Are you going to continue getting contacts? Are people going to look at your organization and say, 'We can't trust you'? Those are huge things that are not as easily overcome with money," he said.

Still, Zabiuk says humans are always the weakest link in any ransomware attack so it's critical that organizations train their employees for awareness on phishing scams.

He says anyone whose information has been compromised should stay alert.

People who may have had their bank information implicated should change their passwords, cancel their credit cars and keep a close eye on their bank accounts for many years, he says.

Zabiuk says there's also software services that scan the dark web and notify people if their information has been found.