Canadian spy agency: ransomware attacks soared in H1 2021

Global ransomware attacks increased by 151 percent in the first half of 2021 compared with 2020, according to Canada’s signals intelligence agency.

Key Canadian infrastructure has regularly been targeted in ransomware attacks  in which hackers essentially hold computer information hostage until they are paid, the Communications Security Establishment (CSE) said in a report published this week.

The agency said it knew of 235 ransomware incidents against Canadian targets from January 1 to November 16 of this year. More than half were critical infrastructure providers, including hospitals.

“Ransomware operators will likely become increasingly aggressive in their targeting, including against critical infrastructure,” said the report issued by the Canadian Centre for Cyber Security, a unit of CSE.

CSE reiterated that actors from Russia, China and Iran posed a serious threat to the cyber-infrastructure of countries such as Canada.

“Russian intelligence services and law enforcement almost certainly maintain relationships with cybercriminals, either through association or recruitment, and allow them to operate with near impunity as long as they focus their attacks against targets located outside Russia,” it said.

The Canadian government report comes as a US cybersecurity firm warned that attacks by Russian state hackers have barely eased up since last year’s SolarWinds cyber-attacks targeting US government entities, including the Justice Department, as well as companies.

On the anniversary of the public disclosure of the SolarWinds intrusions, US cybersecurity firm Mandiant said hackers associated with Russia’s SVR foreign intelligence agency continued to steal data “relevant to Russian interests”.

The hacking campaign was named SolarWinds after the US software company whose product was exploited in the first-stage infection of that effort.

Moscow has repeatedly denied responsibility for the hack.

The Biden administration imposed sanctions last April in response to the SolarWinds hack, including against six Russian companies that support the country’s cyber-efforts.

Follow us on twitter: @risksEmerging

Twitter feed is not available at the moment.