Canadian Underwriter

Winners and losers in preventing cyberattacks

February 28, 2022   by Jason Contant

Concept of repelling a cyberattack

Print this page Share

Canada’s financial services industry pushed back against cybercriminals last year, cutting in half the percentage of cyberattacks on the sector.

The financial services industry (including insurance) has long been a top target for cybercriminals chasing high-reward payday. But that is precisely why these organizations have some of the most advanced security controls in place, driven largely by compliance, and were able to drop from 33% of attacks in Canada in 2020 to 16% in 2021, according to IBM Security.

Manufacturing was the top attacked industry in Canada, with 32% of incidents (nearly one in three attacks in Canada, compared to 1 in 4 globally), IBM says in its annual X-Force Threat Intelligence Index, released Feb. 23. “An industry operating at a tipping point during the pandemic, attackers used the threat of ransomware to push them over the edge,” IBM says in a press release.

“Cybercriminals took full advantage of global uncertainty, a weakened supply chain and unpatched vulnerabilities to successfully infiltrate organizations across the globe and make their payday, and new sectors have emerged among the most vulnerable in Canada,” IBM notes. For example, energy organizations jumped to second-most-attacked in Canada in 2021 at 21%, surpassing healthcare and finance and insurance industries (both enduring 16% of attacks).

Not surprisingly, ransomware remains the top attack method observed in Canada. But it only made up 25% of attacks in 2021 compared to 57% in 2020. These attacks are now closely followed by business email compromise (such as a scam involving impersonation of a CEO authorized to conduct wire transfers) and distributed denial of service attacks (an attempt to overwhelm a server, service or network with a flood of internet traffic), each accounting for 17% of attacks in Canada.

Cybercrime is definitely not going away in Canada. According to a study from Amsterdam-based cybersecurity company Surfshark, Canada recorded an increase of about 50% in cybercrime victims compared year-over-year.

Surfshark conducted a survey of the Top 10 countries with the most cybercrime and found Canada ranked third with 163 victims per 1-million internet users. The United Kingdom held the top place with 3,409 victims per one million users; the U.S. was in second place with 1,724 victims per one million internet users.


Feature image by