We judge that, almost certainly, ransomware directed against Canada in the next 12 months will continue to target large enterprises and critical infrastructure providers, as well as organizations of all different sizes. Over the past two years, ransomware campaigns have impacted hundreds of Canadian businesses and critical infrastructure providers, including multiple hospitals and police departments, as well as municipal, provincial, and territorial governments. Further, we assess that it is almost certain that a majority of ransomware attacks against Canadian victims are unreported to authorities. Canada often ranks among the top countries impacted by ransomware, although international comparisons are limited by gaps in data and contrasting methodologies. The contents of this document are based on information available as of 13 August 2020. We use qualifiers such as “possibly”, “likely”, and “very likely” to convey probability. We use terms such as “we assess” or “we judge” to convey an analytic assessment. Our judgements are based on an analytical process that includes evaluating the quality of available information, exploring alternative explanations, mitigating biases and using probabilistic language. While we must always protect classified sources and methods, we provide the reader with as much justification as possible for our judgements. CSE’s foreign intelligence mandate provides us with valuable insight into adversary behavior in cyberspace. Defending the Government of Canada’s information systems provides Cyber Centre with a unique perspective to observe trends in the cyber threat environment, which also informs our assessments. The judgements are based on the knowledge and expertise in cyber security of Cyber Centre. The key judgements in this assessment rely on reporting from multiples sources, both classified and unclassified. How states use and benefit from ransomware. Emerging trends: Ransomware in 2020-2021. 
The enabling factors of modern ransomware.
For more information on the Traffic Light Protocol, see Contactįor follow up questions or issues please contact Canadian Centre for Cyber Security (Cyber Centre) at Table of contents Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction. This Cyber threat bulletin is intended for the cyber security community. Alternate format: Cyber threat bulletin: Modern ransomware and its evolution (PDF, 428 KB)
0 kommentar(er)
