Canada cyber security and cyber crime statistics

Cybercrime rates continue to increase in Canada with both individuals and businesses being affected.

While it often gets lumped in with the US in some statistics, Canada has its own unique cybercrime and cyber security landscape. Ransomware, phishing attacks, data breaches, and various types of fraud are all commonplace in the country but to varying extents compared to its neighbor.

In this article, we highlight the latest cybercrime and cyber security facts, trends, and statistics impacting Canadians.

1. Successful attacks affected 78% of Canadian companies in one year

The 2020 Cyberthreat Defense Report (CDR) by CyberEdge Group provides a wealth of information about cyber-attacks across the globe. It found that 78 percent of Canadian organizations experienced at least one cyberattack within a 12-month period. In 2021, this figure rose to 85.7 of Canadian companies.

Canadian cyber stats

This highlights the rapidly increasing cybercrime levels that Canadian organizations face and represents a 7.7 percent rise in attacks compared to the year before. This increase is concerning when we consider the worst affected country on the list, Colombia, is only around 8.2 percent worse off than Canada.

2. Ransomware impacted over 70% of Canadian organizations within a year

The 2020 CyberEdge report hones in on ransomware and found that 72 percent of Canadian respondents dealt with ransomware in 2020.

Fortunately, in 2021, this figure dropped substantially to just 61.2 percent of organizations.

Canadian ransomware stats

This represents a nearly 11 percent improvement year on year; a change that has improved its world ranking by around eight positions (from third in 2020 to 11th last year).

As in 2020, Japanese organizations fared best. However, the number of ransomware attacks on Japanese companies rose startingly from just 36.7 percent to 56 percent impacted in 2021.

3. In Canada, the average spend on security is 11.1% of an organization’s IT budget

The 2021 CyberEdge report also reveals how much organizations are spending on cyber security. According to the latest study, Canadian firms spent 11.1 percent of their annual budget on security. This is down from 12.1 percent the year before.

Canadian IT budget

This is a little lower than average compared to other regions included in the study. Interestingly, however, the budget is almost identical to that of Japan. This reveals that what companies spend on cybersecurity does not directly track against the number of attacks suffered, as one might hope.

4. Canadian organizations bumped IT budgets up by a mean of 4.7% in 2020

In 2020, Canadian firms increased their security budgets compared to the prior year by almost five percent. This is about average compared to other countries studied that year (with the range being 3.9–6.7 percent).

Unfortunately, this trend of spending more reversed in 2021, when Canadian companies dropped their percentage spend on security by 1 percent. That said, this still equates to a 3.6 percent rise since 2019, which shows that companies are still prioritizing security within their IT budgets.

It is also worth noting that CyberEdge noted a decrease in security investment across the board, stating that “for the first time in our CDR history, we’ve seen a decline in the percentage of organizations whose security budgets are rising”. This decline appears to be linked to financial strains imparted on organizations due to the Covid-19 Pandemic.

5. In Canada, around three quarters of companies favor security products that use AI and machine learning

Another interesting insight from the CyberEdge report is the preference some organizations have for machine learning and AI in security products. 73.5 percent of businesses in Canada have a strong or moderate preference for these technologies. This actually puts Canada in the bottom three countries, alongside France and Germany.

Canadian security product preference

Interestingly, the countries that appear to have the most interest in advanced technologies are Saudi Arabia, Turkey, and South Africa.

6. Canada is now a less popular target for ransomware Trojans

A 2020 mobile malware study by Kaspersky found that ransomware Trojans were a fairly common occurrence for mobile users in Canada compared to in other countries with 0.11 percent of Canadian users seeing these types of attacks. This made Canadians the sixth-most likely to be impacted, after the US, Kazakhstan, Iran, China, and Italy.

However, as of Q3 2021, Canada is not even in the top ten. This means that fewer than 0.02 percent of mobile users are affected. This could be down to an improved cybersecurity awareness, or, more likely, attackers simply switching targets.

7. Only 39% of Canadian organizations have been hit by ransomware

Numbers from the Sophos State of Ransomware Report 2021 show that businesses are more likely to be targeted than individual users. This study found that 39 percent of firms had dealt with ransomware in the year prior.

That said, Sophos noted this number was surprising since Canada is a developed country and should be a prime target. It goes on to suggest that the country may benefit from being in the shadow of the US.

8. 65% anticipate being hit with a ransomware attack

Of those who had not been hit with ransomware in 2021, 65 percent told Sophos that they expect to be hit with a ransomware attack in the future. This indicates that Canadian respondents are highly alert to the issue of ransomware.

9. 26% of Canadian companies managed to stop ransomware attacks prior to data encryption

In 2020, Sophos also reported on the number of attacks thwarted by organizations prior to data being encrypted. Canadian companies managed to block more than one-quarter of attacks, which puts the country just above the global average. While this is impressive, Turkey took the top spot with companies managing to block 51 percent of ransomware attacks.

Chart showing number of attacks stopped.
Source: Sophos

10. More than 1 in 10 companies paid the ransom to attackers

According to Sophos, 11 percent of Canadian organizations paid ransoms. The only countries in which a smaller portion of businesses paid up were Spain (four percent) and Italy (six percent). Companies in India (66 percent) were the most likely to pay, followed by Sweden (50 percent) and the Philippines (32 percent).

11. The average cost of ransomware attacks in Canada was almost $2 million

Ransomware attacks can be expensive, with costs including the ransom itself, downtime, specialist services, loss of business, and more. The average remediation cost for companies in Canada is $1.92 million. This is slightly above the global average of $1.85 million.

Organizations in Singapore, Belgium, and India could expect to pay at least $3 million in remediation fees, while Austrian businesses paid an astounding $7.5 million on average. Conversely, those in the Czech Republic averaged just $370,000.

12. More than 8 in 10 companies hold cyber security insurance

One more area the Sophos report delves into is cyber security insurance. It found that 84 percent of Canadian organizations have cyber insurance included in their policies, which is slightly above average on a global scale. 62 percent of those with cyber insurance are covered against ransomware attacks, which is about average.

13. Discount car and truck rental suffered a ransomware attack

The BlackFog State of Ransomware in 2021 report details a recent attack on Discount Car and Truck Rental. In February 2021, the DarkSide ransomware gang targeted Discount which is part of the US-based Enterprise group. DarkSide claimed to have stolen 120 GB of banking, corporate, and franchising data from the company.

14. 19,000 malicious files related to COVID-19 have been detected since December 2020

According to a McAfee study of Covid-19-related malicious file detections, Canada saw 19,353 such incidents between December 2020 and January 2022. This is significant but is nowhere near the number detected in the neighboring US which observed more than 11 million Covid-19 malicious file detections to date.

The McAfee map.
Source: McAfee

15. Canada came in 13th out of 75 countries in terms of its cyber security score

A Comparitech study ranked 75 countries on cyber security by considering over a dozen factors including the frequency of various types of cyber attacks and how prepared a country is to face them. Canada scored well in the study and was ranked in 13th place. The top three countries were Denmark, Sweden, and Ireland, and the bottom three were Tajikistan, Bangladesh, and China.

16. The average cost of a data breach is over $4 million

The IBM Cost of a Data Breach Report 2021 focuses on how much organizations lose when a data breach occurs. The average cost for Canadian organizations was 5.4 million in 2021, up from 4.5 million a year before.

This puts it behind only the US ($9.05 million) and the Middle East ($6.93 million). Worryingly, the cost of data breaches is growing steadily in Canada with the 2020 figure being 6.5 percent higher than in the previous year, and the 2021 figure being a whopping 20 percent higher than in 2020.

17. Canada had the lowest portion of breaches resulting from malicious attacks

IBM tells us the cause of data breaches and found that 42 percent of Canadian incidents were the result of malicious attacks. This number was lower than for any other region in study. Organizations in the Middle East were the most likely to find a breach was caused by a malicious attack. Canada did see the largest portion of breaches stemming from system glitches (35 percent). A further 23 percent of incidents were the result of human error.

18. Around a quarter of companies have fully deployed security automation

Another interesting area of the IBM report examined how many companies use full or partially deployed security automation. Canadian organizations are in the top five when it comes to full security automation deployment with 24 percent of organizations falling into this category. A further 38 percent have partially deployed security automation.

19. The average time to identify a breach in Canada is 168 days

One area where Canadian companies shine is identifying and containing breaches. The region ranked the second fastest in terms of breach identification time (168 days compared to Germany’s 128 days) and took 58 days to contain a breach. In contrast, Brazilian companies averaged 265 days to identify and 115 days to contain.

Chart showing times.
Source: IBM

20. Canadians lost over $230 million to online fraud during 2021

The Canadian Anti-Fraud Centre (CAFC) estimated that Canadians lost a total of CAD $230million to fraud in 2021. Over CAD $100 million of this sum was associated with online fraud. A KPMG spokesperson said in a news release that:

“The reliance on digital platforms and cloud computing has put more sensitive data within the reach of cybercriminals, who are becoming increasingly more adept at accessing or hacking into ‘secure’ customer databases to steal identities.”

21. Investment fraud is the top type of fraud targeting Canadians

The CAFC reports that investment fraud was the most common type in 2021. This alone has cost Canadians more than $70 million and has increasingly come to involve cryptocurrencies.

22. Romance fraud resulted in $42.2 million in losses in 2021

The same study reveals that romance fraud resulted in extremely high losses. Victims lost a total of CAD $42.2 million to romance and dating scams, more than twice the amount in the year prior.

23. Over 40% of Canadians experienced a cyber security incident at the start of the pandemic

A 2020 report released by Statistics Canada focused on how online habits changed for Canadians in the first six months of the pandemic. It found that 42 percent of Canadians dealt with a cyber security incident during those first several months. These Included phishing attacks, fraud, malware, and hacked accounts. Of those who reported a cyber incident, 36 percent said they suffered a loss in terms of time, data, or money.

24. More than 1 in 10 received Covid-related phishing emails

During the same six-month period, 34 percent of Canadians experienced a phishing attack. 14 percent of respondents received phishing emails that were related to Covid-19 test results.

25. Last year, 12 percent of organizations had their data published on leak sites

Palo Alto Networks’ Unit 42 Ransomware Threat Report 2021 studied the number of victim organizations that had data published on leaked sites. Of the Canadian companies in its sample, more than one in 10 faced such a situation. This made it the second most impacted company globally, although the US was in a far worse position with 47 percent of organizations seeing their data published on leaked sites.

Table showing numbers of leaked sites.
Source: Palo Alto

26. Over half of organizations have upped security during the pandemic

The 2021 CIRA Cybersecurity Report examined how Canadian companies were responding to issues that have arisen since the start of the pandemic. It found that around 36 percent of organizations have seen a spike in the number of attacks since the pandemic began and that over 50 percent have responded with new cyber security awareness campaigns.

27. Canadian companies tend to pay when hit with ransomware

CIRA’s 2021 Cybersecurity Report found that 17 percent of respondants had experienced a ransomware attack in the previous year. Interestingly, even though most law enforcement agencies advise against it, 69 percent of victims ended up paying the ransom. Despite this, 64 percent of cybersecurity professionals support the idea of legislation that would make paying illegal.

28. Many organizations didn’t know if they had experienced a breach

CIRA asked organizations if they had dealt with a breach of employee or customer data in the past year. One quarter of organizations said they had, but 38 percent were unable to provide a definitive response.

29. No one industry accounts for the largest portion of cyber security incidents

A 2021 study by Blakes reveals information about Canadian cyber security trends in 2021. It broke down the number of attacks by industry and found three industries tied in first place at 14.8 percent: industrial/manufacturing, public service, and “other”.

Last year, professional services saw the largest portion (24 percent) of attacks. However, this now sits in fourth place, at 13.8 percent. There was a steep dropoff after this, with finance accounting for just 7.9 percent of all incidents.

Blakes also broke down the most common types of threats and discovered that ransomware was by far the most frequent, accounting for 67 percent of attacks. Next was business email compromise (18 percent) followed by wire fraud (10 percent).

30. Ontario is the hardest hit region by cyber attacks

Looking at attacks by region, Ontario was the hardest hit. However, this is the largest province in terms of population. In general, results do seem to be relative to population size.

31. Attackers took the money and ran 9% of the time

Blakes tells us that, in cases where a ransom was paid, the attackers only provided decryption keys or evidence that the victim’s data was deleted 91 percent of the time. That’s a bitter pill to swallow given that almost one-third of ransoms paid were over $250,000.

32. A cyberattack paralyzed Canada’s Collège Montmorency in May 2022

On May 11, 2022, one of Canada’s well-known colleges was hit by a cyberattack that infiltrated its computer network, leaving students and teachers unable to continue lessons while the investigation into what happened was concluded. The attack was serious enough to request intervention from the “cyberdefense operational center of Quebec, the Ministry of Cybersecurity and Digital, and the firm KPMG”.

33. Canada was the fourth-hardest hit country by cyberattacks in December 2021

The US, Germany, and France took the first three spots on Kon Briefing’s December 2021 cyberattack list with 20, 13, and 8 major cyberattacks respectively. Canada came in fourth place with 7 major attacks.

Graph showing major cyberattacks in December 2021

34. A Canadian airline was taken offline due to a security breach in April 2022

Sunwing, one of Canada’s most popular airlines, saw thousands of passengers having to cancel their travel plans due to a system-wide cyberattack that affected everything from check-in processes to inbound flights being unable to land. Sunwing’s systems are managed by a third-party passenger management provider (Airline Choice), and due to the attack disabling the entire check-in system, it left staff having to manually fill out forms to allow passengers to board, causing major delays.

35. 18 major cyberattacks were recorded in Canada in the second half of 2021

Kon Briefing recorded a significant number of cyberattacks in Canada between July and December 2021 amounting to 18 major incidents. Healthcare was the main industry in Canada targeted during this period.

Major cyberattacks in Canada for Q3 and Q4 2021

FAQs about cyber crime and cyber security in Canada

Where can I report cyber crime in Canada?

Victims of cybercrime in Canada should file a report with their local police station and the CAFC. Local police officers in Canada can investigate reported incidents, while the CAFC can share information collected through the reports to support law enforcement.

What is the punishment for cyber crime in Canada?

People convicted of cyber crimes in Canada for breaching Section 430(1.1) of the Criminal Code can receive up to ten years imprisonment. However, if such crimes endanger human life, the punishment can stretch to life imprisonment.

Is Canada a good place for cyber security professionals?

Due to the impact of the covid-19 pandemic on cybercrime and a rise in ransomware attacks, cybersecurity professionals are more in-demand than ever - especially across the Canadian government.

What are some common types of cybercrime in Canada?

Cybercrime in Canada can take many forms, but some of the most common include:

1. Phishing scams: These involve fraudulent emails or websites designed to trick people into handing over sensitive data like credit card numbers, passwords, or bank account information.

2. Identity theft: This occurs when someone uses your personal information without your permission to commit fraud or other crimes.

3. Cyberstalking: This involves using the Internet or other electronic means to harass, threaten, or intimidate someone.

4. Denial of service attacks: These occur when a person or group attempts to overload a website or server with requests, making it unavailable to others

What is the Canadian government doing to prevent cybercrime?

The Canadian government has implemented several measures to prevent and investigate cybercrime. For example, it has:

1. Set up a dedicated Cybercrime Strategy Unit within the Royal Canadian Mounted Police (RCMP).

2. Launched the National Cybercrime Coordination Centre, which brings together law enforcement, government, and industry partners to share information and investigate cybercrime.

3. Established the Canadian Centre for Cyber Security, which provides resources and advice to businesses and individuals on how to protect themselves from cybercrime.

4. Created a Cyber Incident Response Plan to help organizations respond quickly and effectively to a cyber incident.

5. Provided funding to police forces across Canada to help them investigate and prosecute cybercrime cases.

See also: