Indigo refused to pay when a ransomware attack took down its e-commerce platform — losing millions in the process.
Indigo Books & Music is still tallying up the staggering costs of a ransomware attack that temporarily took down its e-commerce platform, left it unable to process payments in its retail stores for three days, and knocked its website offline for about a month earlier this year.
The retailer lost $42.5 million in its most recent quarter, $19 million more than it lost in the same period last year, and said last week that while it doesn’t have an exact figure, the majority of that expanded loss was because of the cyberattack.
Indigo refused to pay a ransom to the criminals who used a type of software called LockBit to illegally tap into its network, saying it could not be “assured that any ransom payment would not end up in the hands of terrorists or others on sanctions lists.”
But according to a new report from the law firm Blakes, the majority of Canadian companies hit by ransomware attacks do pay up — and those ransoms now cost businesses far more than in years past.
Ransomware attacks occur when hackers use malware to break into companies’ IT systems, lock up or steal information and then demand a ransom payment for its return.
In the fourth edition of an annual report on cybersecurity trends, Blakes said it found that in 2022, two-thirds of firms hit by ransomware attacks ultimately paid, up from 56 per cent in 2021.
The median ransom paid was $546,000, a steep increase from $100,000 two years earlier.
“The threat actors — the bad guys — are getting to be quite sophisticated in their attacks,” said Sunny Handa, a partner at Blakes who leads the firm’s technology practice.
“They are taking a lot of data, they are targeting sensitive data and they are publishing that data … they’re (also) hunting down the backups and they’re destroying backup systems.”
Handa, who acts as “breach counsel,” advising clients on how to respond to cyberattacks, said that once hackers have encrypted a business’s networks, “you basically can’t run your company anymore.”
Cyberattacks on firms have become an industry
“So, that is also pushing people to pay the ransom, because otherwise they will lose days, weeks, months of operations.”
The dollar value of the ransoms is ever increasing, he says, in part because it’s become an industry.
“(The hackers are) investing a lot more and they’re realizing that there’s a market here where people will pay so they’re asking for more.”
Blakes bases its report on cyberattacks that are disclosed by publicly traded companies on the Toronto Stock Exchange, as well as the information of its own clients, citing the “large number of breaches that were handled by the Blakes cybersecurity team.” It tracked breaches from Sept. 1, 2021 to Dec. 31, 2022.
Handa said the report does not represent every data breach in Canada but is meant to reflect trends in the space.
It’s unclear exactly how many incidents there are each year — many companies never disclose cyberattacks — but he puts the figure at somewhere in the thousands.
The financial hit companies take when facing a data breach is not limited to paying ransoms, Handa said.