Report: Novipro survey reveals over 50 percent of cyberattack victims paid ransom to hackers

Canadian IT company, Novipro recently conducted its sixth annual IT Portrait of Canadian Businesses study in collaboration with Leger. The study has revealed the deep vulnerability of Canadian companies to cyberattacks.

As per the data, more than half (56 percent) of organizations targeted by cybercriminals have paid the amounts requested by the hackers. Of these, one of three companies (33 percent) retained the services of a negotiator, while 23 percent proceeded without the help of an intermediary.

Novipro states in a release that the companies paid the ransom as data is a valuable commodity. Sixty percent of companies have sensitive customer data and nearly one-third (28 percent) value their information assets at more than $1 million.

“As an entrepreneur, I am very concerned that so many organizations are paying a ransom,” says Yves Paquette, co-founder and CEO of Novipro. “Companies need to be proactive in preventing cyberattacks, otherwise the impact will be devastating to them and their customers. If organizations invested even a fraction of the potential cost of an attack, they could easily put systems in place to guard against such fraud. In the physical world, you’d employ a detachment of guards to protect something with a seven-figure value, however, there still seems to be a disconnect when the ‘something’ is digital.”

The data has also revealed the concerns of companies regarding the increase of cyberattacks due to hybrid-work formats.

Nearly half (43 percent) of respondents are more concerned about a breach since the introduction of hybrid work, prompting most organizations (76 percent) to take the time to review their security practices, whether it’s providing training to employees (32 percent), developing a telecommuting policy (31 percent) or investing in software (29 percent), to name a few.

Companies that are victims of cyberattacks have shared that their employees are the largest source of cyber threats (53 percent). Of these, 31 percent are motivated by malicious intent and 22 percent unintentionally trigger an attack by clicking, for example, on a fraudulent link. Despite this, the percentage of organizations that have trained their teams has continued to steadily decrease for the past three years. Only 40 percent of respondents plan to offer training to their teams on this topic next year.

“The pandemic has forced companies to focus their energies on operational emergencies,” explains Dominique Derrier, chief information security officer of Novipro. “We see that in 2021 they are more aware of computer threats, but are slow to take significant action. It is imperative that organizations apply the latest infrastructure and engage the right experts to ensure their IT security. Not only are their operations at stake, but their reputations as well.”

The entire study is available for download from Novipro at http://it-trends.ca/