This edition dives into a critical issue affecting municipalities (and organizations) across Canada: ransomware attacks.
Recent data from TELUS reveals some alarming trends: 83% of municipalities have reported ransomware incidents. Among these, 42% could only fully restore their data after paying the ransom, and 67% faced multiple extortion attacks, where data was both encrypted and stolen. Municipalities are increasingly the target of these sophisticated attacks, with 36% experiencing compromised cloud systems. The average ransom paid is $140,000, accounting for just 16% of the total recovery costs – showing that breaches are far more costly than that upfront cost. Even more concerning, 24% of municipalities took weeks to months to contain their last ransomware incident, leading to delayed IT projects and significant productivity losses.
At CWE, we’re empowering municipalities to tackle these challenges head-on. As chronicled in this month’s newsletter, our municipal IT leaders are actively participating in tabletop exercises designed to simulate real-world cyberattack scenarios, enhancing their incident response capabilities. We’re also continuing to expand our cyber vendor menu to enable teams with the latest tools and supportive at competitive prices.
Recently, several of our municipal stakeholder members also attended the Municipal Information Systems Association (MISA) Ontario 2024 Annual Conference and Trade Show, where they gained invaluable insights and networking opportunities to bolster their cybersecurity defenses and bring back key learnings to the region, through CWE.
We must also acknowledge that these cyber threats are not exclusive to municipalities. Public sector organizations and private companies also face similar risks.
CWE is here to both public stakeholders and our private consortium members, offering resources, collaboration opportunities, and customized incident response planning to strengthen your defenses.
Want to get involved? Reach out to me at operations@cw-e.ca. Together, we can build a cyber resilient region.
