Sunday , July 20 2025

Most Canadian firms pay ransom, CIRA survey suggests

According to a survey conducted by the Canadian Internet Registry Authority (CIRA), most organizations in Canada still choose to pay ransomware gangs after successful attacks.

One conclusion from an online survey of 500 Canadian cybersecurity professionals is that organizations with at least 50 employees are at risk. The survey was released by CIRA on Tuesday.

HPE alerts of hardcoded passwords in Aruba access points

Hewlett-Packard Enterprise (HPE) warns that Aruba Instant On Access Points have hardcoded credentials, enabling attackers to skip normal authentication and...
Read More
HPE alerts of hardcoded passwords in Aruba access points

Akira Ransomware Allegedly Compromise 12 Companies in 72 Hours

The Akira ransomware group increased its attacks, adding 12 new victims to its dark web portal from July 15 to...
Read More
Akira Ransomware Allegedly Compromise 12 Companies in 72 Hours

Singapore urgently engage military force to tackle ‘serious’ cyberattack

Defence Minister Chan Chun Sing said these select units will work with the Cyber Security Agency (CSA) in a united...
Read More
Singapore urgently engage military force to tackle ‘serious’ cyberattack

Hackers infect 10M Androids with BADBOX 2.0

Google is suing 25 unidentified cybercriminals thought to be from China for running BADBOX 2.0, a major global botnet with...
Read More
Hackers infect 10M Androids with BADBOX 2.0

Oracle Patched 200 Vulns With July 2025 CPU

Oracle's July 2025 Critical Patch Update includes 309 new security patches, with 127 addressing remotely exploitable vulnerabilities. SecurityWeek found about...
Read More
Oracle Patched 200 Vulns With July 2025 CPU

Ivanti Zero-Days Exploited to Drop MDifyLoader

Cybersecurity researchers have revealed a new malware named MDifyLoader, linked to cyber attacks using security vulnerabilities in Ivanti Connect Secure...
Read More
Ivanti Zero-Days Exploited to Drop MDifyLoader

CISA added Fortinet FortiWeb vul to KEV catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a crucial vulnerability in Fortinet FortiWeb in its Known Exploited Vulnerabilities...
Read More
CISA added Fortinet FortiWeb vul  to KEV catalog

Adoption Agency Exposes One Million+ Records

Security researcher Jeremiah Fowler discovered an online database exposing sensitive information from an adoption agency. Jeremiah Fowler Jeremiah specializes in...
Read More
Adoption Agency Exposes One Million+ Records

CVE-2025-20337
Patch Now! Cisco ISE bug allows pre-auth command execution

A critical vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC, identified as CVE-2025-20337, has a CVSS score of...
Read More
CVE-2025-20337  Patch Now! Cisco ISE bug allows pre-auth command execution

BD Bank Honours PABC Officials for Foiling $20 Million Cyber Fraud Attempt

On Tuesday, Bangladesh Bank organized a special award ceremony at its headquarters in Dhaka to formally recognize and honor a...
Read More
BD Bank Honours PABC Officials for Foiling $20 Million Cyber Fraud Attempt

CIRA oversees the .ca registry.

41% of respondents reported that their organization had been targeted by a cyber attack in the past year. Among these, 23% confirmed that their organization had fallen victim to a ransomware attack, an increase of 1% compared to last year.

ALSO READ:

Bypass Cloudflare Firewall and DDoS Protections using Cloudflare

70% of organizations surveyed said they paid ransom demands, with nearly a quarter paying up to $100,000. These numbers are similar to previous surveys conducted by CIRA. In 2022, 73% of those affected by ransomware paid, compared to 69% in 2021.

The numbers went in the wrong direction this year, according to Jon Ferguson, CIRA’s general manager of cybersecurity.

If organizations are not prepared for an attack beforehand, it can be difficult for them to fix the problem afterwards. Some organizations choose to pay because they believe it is the easiest solution. They may not have the capability to recover without regaining access to their data.

They may also be worried about damage to their reputation if word gets out about a ransomware attack, he added.

Some organizations in 2023 may not be ready to deal with ransomware because they struggle to comprehend the risks that come with adopting new technologies in IT.

The survey showed that IT professionals acknowledge the issue of ransomware. In fact, 75% of the respondents expressed their support for a law that would prohibit organizations from paying ransoms. This is an increase from 64% in the previous year’s survey.

64% of respondents in the survey said they had used their incident response plans in the past year. Ferguson noted that it is at least good that they had a plan to use. In fact, 44% of respondents said their company has a comprehensive incident response plan, while another 40% said they have a basic plan.

Check Also

FortiWeb

CVE-2025-25257
Fortinet Addresses Major SQL Injection Flaw in FortiWeb

Fortinet has issued a critical patch for a critical vulnerability in its FortiWeb product, a …

Leave a Reply

Your email address will not be published. Required fields are marked *