Ransomware a growing problem for Canadian organizations

Criminal Law /
Céline Dostaler
Latest posts by Céline Dostaler (see all)

By LegalMatters Staff • London Drugs had to close nearly 80 stores across B.C., Alberta, Saskatchewan and Manitoba after a ransomware attack in April 2023.

According to the National Cyber Threat Assessment 2023-2024 published by the Canadian Centre for Cyber Security (CCCS), ransomware is a persistent threat to Canadian organizations.

“During a ransomware attack, malicious software is used to encrypt, steal or delete data, then demand a ransom payment to restore it,” says Ottawa criminal lawyer Céline Dostaler. “That can have severe impacts including core business downtime, permanent data loss, intellectual property theft, privacy breaches, reputational damage and expensive recovery costs.”

The CCCS states it received 305 reports of ransomware in 2022, up from about 295 the year before.

Dostaler notes that most ransomware attacks are double extortion attacks.

“This means that hackers will exfiltrate files before encrypting them and threaten to leak sensitive information publicly if the ransom is not paid,” she says.

Even if victims pay the ransom, there are no guarantees that their data will be recovered, says Dostaler, adding that a survey of Canadian businesses found that only 42 per cent of organizations who paid the ransom had their data completely restored.

When it comes to defending those charged with computer-related crimes, she says the accuracy of electronic records that purport to show where the ransom demands originated can be challenged.

“If a computer was seized as part of the ransomware investigation, a lawyer can ensure police had first obtained a proper search warrant,” Dostaler says. “If the suspect’s rights granted under the Canadian Charter of Rights and Freedoms were violated, I can argue that any evidence that the police gathered should be excluded from trial.”