The latest report from the federal cybersecurity center highlights a concerning trend where cybercriminals leveraging artificial intelligence tools to enhance their ransomware attacks. The Canadian Centre for Cyber Security warns that ransomware threats in Canada are rapidly increasing and becoming more sophisticated, affecting various organizations like businesses, hospitals, and universities.
In recent years, numerous Canadian entities have fallen victim to ransomware attacks, where criminals encrypt their data and demand payment for its release. Some attackers even resort to stealing sensitive information and threatening to expose it unless a ransom is paid.
The report, released publicly on Wednesday, reveals a rise in ransomware incidents from 2021 to 2024. The head of the centre, Rajiv Gupta, stresses that ransomware poses a significant challenge to organizations of all sizes in Canada, emphasizing the need for increased vigilance in the face of this ongoing threat.
One alarming development highlighted in the report is the use of artificial intelligence by ransomware actors to exploit vulnerabilities, create malware, generate deepfake images, and automate negotiations with victims. This utilization of AI allows cybercriminals to overcome technical barriers and resource limitations, streamlining their attacks and demands for payment, often in cryptocurrency.
The report underscores the importance of basic cybersecurity practices such as regular software updates, implementing multi-factor authentication, data backups, and vigilance against phishing attempts to mitigate cyber threats. Additionally, Canadian organizations are encouraged to leverage tools like Assemblyline, a malware detection and analysis tool developed by the cybersecurity center, to monitor their networks continuously.
The report emphasizes that cybersecurity measures are essential for safeguarding critical data, operations, and the individuals relying on organizations for their services. It calls for ongoing collaboration among law enforcement, the private sector, and international partners to enhance threat understanding and coordinate effective measures against ransomware.
Furthermore, the report cautions that cybercriminals may resort to new tactics, such as targeting a victim’s associates or conducting denial-of-service attacks during negotiations, to increase their chances of obtaining ransom payments. The shift towards “multi-extortion methods” showcases the growing sophistication of cybercriminals in maximizing the impact of their attacks and compelling victims to meet their demands.
While ransomware groups predominantly employ encryption to lock victims’ data, there is a rising trend towards extortion through the theft of sensitive information. Critical infrastructure and large corporations remain prime targets for ransomware attacks, underscoring the pervasive nature of this threat across various sectors in Canada.
