Canadian companies targeted by ransomware attacks this year faced considerably higher demands and paid more significant sums, according to a new report from cybersecurity firm Palo Alto Networks.
The report surveyed IT decision-makers from 1,000 mid-sized companies and found that the average ransom paid by targeted organizations has spiked to over $1.13 million, up 150% from two years ago.
Additionally, there was a steep increase in the average ransom demanded by threat actions, jumping 102% from $449,868 in 2021 to $906,115 in 2023.
But even with these significant increases, the number of companies who were willing to pay ransom dropped. Only 34% of respondents said their company paid to regain access to their data, compared to the 45% who said the same in 2021.
The report also identified the specific sectors that were targeted the most by threat actors in 2023. Companies in the manufacturing sector led the list, with 47% of respondents saying they were hit by a ransomware attack this year. Construction came in at 38%, followed by healthcare and pharma at 35%.
Additionally, respondents from over half (58%) of targeted companies said it took them more than a month to from the attack. A quarter (24%) said the recovery process took longer than four months.
Other insights featured in Palo Alto Networks’ Canadian Ransomware Barometer include companies’ top cybersecurity concerns.
Nearly 70% of respondents said that the emergence of artificial intelligence (AI) technologies has increased their threat level. They also reported increased concern over how AI can lead to cyber threats like automated phishing (21%), data privacy risks (21%) and advanced cyberattacks (19%).
Aside from AI, respondents also identified data breaches (68%), phishing attacks (60%), and ransomware (53%) as their top concerns.
Amid this threat landscape, the report found that 20% of companies have increased their spending on cybersecurity software, while 51% have increased spending somewhat. Additionally, 49% have updated or implemented new cybersecurity training for employees.
“More businesses recognize the need to be proactive and have the right security strategy in place to prevent attacks and to lessen the impact of an attack,” said Daniel Roy, vice president and Canada country manager at Palo Alto Networks.
What are your thoughts on this story? Feel free to comment below.