Cybersecurity centre warns of evolving ransomware tactics, state-sponsored threats

OTTAWA — The federal cybersecurity centre says criminals who hold data for ransom are expected to use new techniques — such as threatening a target's partners or clients — to increase their chances of receiving payment.

In its threat forecast for 2023-24, the Canadian Centre for Cyber Security says cybercrime continues to be the online activity most likely to affect Canadians and their organizations.

The report says ransomware attacks, in which digital files are held hostage or encrypted until a fee is paid, are almost certainly the most disruptive form of cybercrime facing Canadians.

The centre says by threatening the business partners or clients of a victim, cybercriminals very likely anticipate that these organizations will increase pressure on the victim to pay the ransom.

The centre notes one cybercriminal group, which has targeted victims in Canada, is known to conduct denial-of-service attacks during payment negotiations, increasing the pressure.

The report also says the state-sponsored programs of China, Russia, Iran, and North Korea pose the greatest strategic cyberthreats to Canada, including efforts against diaspora populations and activists in Canada.

This report by The Canadian Press was first published Oct. 28, 2022.

The Canadian Press