InfoSecBulletin Cybersecurity for mankind
According to a survey conducted by the Canadian Internet Registry Authority (CIRA), most organizations in Canada still choose to pay ransomware gangs after successful attacks.
One conclusion from an online survey of 500 Canadian cybersecurity professionals is that organizations with at least 50 employees are at risk. The survey was released by CIRA on Tuesday.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
CIRA oversees the .ca registry.
41% of respondents reported that their organization had been targeted by a cyber attack in the past year. Among these, 23% confirmed that their organization had fallen victim to a ransomware attack, an increase of 1% compared to last year.
ALSO READ:
Bypass Cloudflare Firewall and DDoS Protections using Cloudflare
70% of organizations surveyed said they paid ransom demands, with nearly a quarter paying up to $100,000. These numbers are similar to previous surveys conducted by CIRA. In 2022, 73% of those affected by ransomware paid, compared to 69% in 2021.
The numbers went in the wrong direction this year, according to Jon Ferguson, CIRA’s general manager of cybersecurity.
If organizations are not prepared for an attack beforehand, it can be difficult for them to fix the problem afterwards. Some organizations choose to pay because they believe it is the easiest solution. They may not have the capability to recover without regaining access to their data.
They may also be worried about damage to their reputation if word gets out about a ransomware attack, he added.
Some organizations in 2023 may not be ready to deal with ransomware because they struggle to comprehend the risks that come with adopting new technologies in IT.
The survey showed that IT professionals acknowledge the issue of ransomware. In fact, 75% of the respondents expressed their support for a law that would prohibit organizations from paying ransoms. This is an increase from 64% in the previous year’s survey.
64% of respondents in the survey said they had used their incident response plans in the past year. Ferguson noted that it is at least good that they had a plan to use. In fact, 44% of respondents said their company has a comprehensive incident response plan, while another 40% said they have a basic plan.
