Cyber-attacks on Canadian businesses have been steadily increasing over the past couple of years, with 82% of Canadian businesses reporting an increase in cyber-attacks over the last 12 months. The use of Ransomware by cybercriminals to target businesses and even local governments are increasing.


What is Ransomware?

Ransomware is a form of malware that is designed to block access to a computer system, denying users access to their data until a sum of money is paid. One of the most common delivery systems is phishing spam — attachments that come to the victim in an email, masquerading as a file they should trust. Once downloaded and opened, the attacker can take over the victim’s computer and systems.

Once the user’s files are encrypted, they can usually only be decrypted with a mathematical key known only by the attacker. The user’s computer will often display instructions on how to pay a fee, often in Bitcoin, in order to get the decryption key. For small business owners, it is not necessarily the ransom money that hurts the most – it is the hours and hours of downtime, which results in serious financial threats to their companies.





In 2018, Ransomware was responsible for 32% of all cyber claims, a 9% increase from the previous year. The average cost of downtime for Canadian businesses targeted by a ransomware attack. Only 14% of medium-sized businesses in Canada have cyber liability insurance to protect against cyber incidents.


Ransomware Risk Management Tips
  1. Keep your operating systems and applications up-to-date. Software updates often include important security patches to reduce vulnerabilities in your systems.
  2. Don’t install software or give it administrative privileges unless you know exactly what it is and what it does.
  3. Install reputable anti-virus and whitelisting software. Anti-virus software will detect harmful viruses or applications. Whitelisting software helps prevent unauthorized applications from running on your systems.
  4. Create regular off-site backups of your files. While backups won’t prevent a ransomware attack, they can significantly reduce the damage. Off-site backups will remain viable even if your central server is compromised, allowing you to recover your data entirely.


For more information on ransomware or other cyber attacks, please contact one of our risk management professionals. While risk management strategies can reduce your chances for loss, in the event of a loss it is important to ensure your business has the right level of insurance coverage. Explore our Cyber Liability Insurance to learn how we can help protect your business in the event of a cyber-attack.