Canada cyber security and cyber crime statistics

Cybercrime rates continue to increase in Canada with both individuals and businesses being affected.

While it often gets lumped in with the US in some statistics, Canada has its own unique cybercrime and cyber security landscape. Ransomware, phishing attacks, data breaches, and various types of fraud are all commonplace in the country but to varying extents compared to its neighbor.

In this article, we highlight the latest cybercrime and cyber security facts, trends, and statistics impacting Canadians.

1. Cyberattack impact on Canadian companies

Cybersecurity for Canadian businesses has become increasingly challenging. In 2020, 78% of Canadian companies experienced at least one cyberattack. However, this figure saw a notable increase in the following year, with 85.7% of Canadian companies falling victim to cyberattacks. This 7.7% year-over-year increase highlights a concerning trend in the frequency and effectiveness of cyberattacks targeting Canadian organizations​​.

2. Ransomware threat to Canadian organizations

Ransomware remains a significant and evolving threat to Canadian companies. The National Cyber Threat Assessment 2023-2024 by the Canadian Centre for Cyber Security emphasizes ransomware as one of Canada’s most disruptive forms of cybercrime, continuing to pose a serious threat to organizations. This aligns with the increasing trend of cyberattacks affecting a significant portion of Canadian companies, with over 85% being successfully attacked in a year.

These statistics underscore the persistent and evolving nature of ransomware attacks in the Canadian cyber landscape​​​.

3. In Canada, the average spend on security is 11.1% of an organization’s IT budget

The 2021 CyberEdge report also reveals how much organizations are spending on cyber security. According to the latest study, Canadian firms spent 11.1 percent of their annual budget on security. This is down from 12.1 percent the year before.

Canadian IT budget

This is a little lower than average compared to other regions included in the study. Interestingly, however, the budget is almost identical to that of Japan. This reveals that what companies spend on cybersecurity does not directly track against the number of attacks suffered, as one might hope.

4. Canadian organizations bumped IT budgets up by a mean of 4.7% in 2020

In 2020, Canadian firms increased their security budgets compared to the prior year by almost five percent. This is about average compared to other countries studied that year (with the range being 3.9–6.7 percent).

Unfortunately, this trend of spending more reversed in 2021, when Canadian companies dropped their percentage spend on security by 1 percent. That said, this still equates to a 3.6 percent rise since 2019, which shows that companies are still prioritizing security within their IT budgets.

It is also worth noting that CyberEdge noted a decrease in security investment across the board, stating that “for the first time in our CDR history, we’ve seen a decline in the percentage of organizations whose security budgets are rising”. This decline appears to be linked to financial strains imparted on organizations due to the Covid-19 Pandemic.

5. In Canada, around three quarters of companies favor security products that use AI and machine learning

Another interesting insight from the CyberEdge report is the preference some organizations have for machine learning and AI in security products. 73.5 percent of businesses in Canada have a strong or moderate preference for these technologies. This actually puts Canada in the bottom three countries, alongside France and Germany.

Canadian security product preference

Interestingly, the countries that appear to have the most interest in advanced technologies are Saudi Arabia, Turkey, and South Africa.

6. Canada is now a less popular target for ransomware Trojans

A 2020 mobile malware study by Kaspersky found that ransomware Trojans were a fairly common occurrence for mobile users in Canada compared to in other countries with 0.11 percent of Canadian users seeing these types of attacks. This made Canadians the sixth-most likely to be impacted, after the US, Kazakhstan, Iran, China, and Italy.

However, as of Q3 2021, Canada is not even in the top ten. This means that fewer than 0.02 percent of mobile users are affected. This could be down to an improved cybersecurity awareness, or, more likely, attackers simply switching targets.

7. Only 39% of Canadian organizations have been hit by ransomware

Numbers from the Sophos State of Ransomware Report 2021 show that businesses are more likely to be targeted than individual users. This study found that 39 percent of firms had dealt with ransomware in the year prior.

That said, Sophos noted this number was surprising since Canada is a developed country and should be a prime target. It goes on to suggest that the country may benefit from being in the shadow of the US.

8. 65% anticipate being hit with a ransomware attack

Of those who had not been hit with ransomware in 2021, 65 percent told Sophos that they expect to be hit with a ransomware attack in the future. This indicates that Canadian respondents are highly alert to the issue of ransomware.

9. 26% of Canadian companies managed to stop ransomware attacks prior to data encryption

In 2020, Sophos also reported on the number of attacks thwarted by organizations prior to data being encrypted. Canadian companies managed to block more than one-quarter of attacks, which puts the country just above the global average. While this is impressive, Turkey took the top spot with companies managing to block 51 percent of ransomware attacks.

Chart showing number of attacks stopped.
Source: Sophos

10. More than 1 in 10 companies paid the ransom to attackers

According to Sophos, 11 percent of Canadian organizations paid ransoms. The only countries in which a smaller portion of businesses paid up were Spain (four percent) and Italy (six percent). Companies in India (66 percent) were the most likely to pay, followed by Sweden (50 percent) and the Philippines (32 percent).

11. The average cost of ransomware attacks in Canada was almost $2 million

Ransomware attacks can be expensive, with costs including the ransom itself, downtime, specialist services, loss of business, and more. The average remediation cost for companies in Canada is $1.92 million. This is slightly above the global average of $1.85 million.

Organizations in Singapore, Belgium, and India could expect to pay at least $3 million in remediation fees, while Austrian businesses paid an astounding $7.5 million on average. Conversely, those in the Czech Republic averaged just $370,000.

12. More than 8 in 10 companies hold cyber security insurance

One more area the Sophos report delves into is cyber security insurance. It found that 84 percent of Canadian organizations have cyber insurance included in their policies, which is slightly above average on a global scale. 62 percent of those with cyber insurance are covered against ransomware attacks, which is about average.

13. Discount car and truck rental suffered a ransomware attack

The BlackFog State of Ransomware in 2021 report details a recent attack on Discount Car and Truck Rental. In February 2021, the DarkSide ransomware gang targeted Discount which is part of the US-based Enterprise group. DarkSide claimed to have stolen 120 GB of banking, corporate, and franchising data from the company.

14. 19,000 malicious files related to COVID-19 have been detected since December 2020

According to a McAfee study of Covid-19-related malicious file detections, Canada saw 19,353 such incidents between December 2020 and January 2022. This is significant but is nowhere near the number detected in the neighboring US which observed more than 11 million Covid-19 malicious file detections to date.

The McAfee map.
Source: McAfee

15. Canada came in 13th out of 75 countries in terms of its cyber security score

A Comparitech study ranked 75 countries on cyber security by considering over a dozen factors including the frequency of various types of cyber attacks and how prepared a country is to face them. Canada scored well in the study and was ranked in 13th place. The top three countries were Denmark, Sweden, and Ireland, and the bottom three were Tajikistan, Bangladesh, and China.

16. The average cost of a data breach is over $4 million

The IBM Cost of a Data Breach Report 2021 focuses on how much organizations lose when a data breach occurs. The average cost for Canadian organizations was 5.4 million in 2021, up from 4.5 million a year before.

This puts it behind only the US ($9.05 million) and the Middle East ($6.93 million). Worryingly, the cost of data breaches is growing steadily in Canada with the 2020 figure being 6.5 percent higher than in the previous year, and the 2021 figure being a whopping 20 percent higher than in 2020.

17. Canada had the lowest portion of breaches resulting from malicious attacks

IBM tells us the cause of data breaches and found that 42 percent of Canadian incidents were the result of malicious attacks. This number was lower than for any other region in study. Organizations in the Middle East were the most likely to find a breach was caused by a malicious attack. Canada did see the largest portion of breaches stemming from system glitches (35 percent). A further 23 percent of incidents were the result of human error.

18. Around a quarter of companies have fully deployed security automation

Another interesting area of the IBM report examined how many companies use full or partially deployed security automation. Canadian organizations are in the top five when it comes to full security automation deployment with 24 percent of organizations falling into this category. A further 38 percent have partially deployed security automation.

19. The average time to identify a breach in Canada is 168 days

One area where Canadian companies shine is identifying and containing breaches. The region ranked the second fastest in terms of breach identification time (168 days compared to Germany’s 128 days) and took 58 days to contain a breach. In contrast, Brazilian companies averaged 265 days to identify and 115 days to contain.

Chart showing times.
Source: IBM

20. Canadians lost over $230 million to online fraud during 2021

The Canadian Anti-Fraud Centre (CAFC) estimated that Canadians lost a total of CAD $230million to fraud in 2021. Over CAD $100 million of this sum was associated with online fraud. A KPMG spokesperson said in a news release that:

“The reliance on digital platforms and cloud computing has put more sensitive data within the reach of cybercriminals, who are becoming increasingly more adept at accessing or hacking into ‘secure’ customer databases to steal identities.”

21. Investment fraud is the top type of fraud targeting Canadians

The CAFC reports that investment fraud was the most common type in 2021. This alone has cost Canadians more than $70 million and has increasingly come to involve cryptocurrencies.

22. Romance fraud resulted in $42.2 million in losses in 2021

The same study reveals that romance fraud resulted in extremely high losses. Victims lost a total of CAD $42.2 million to romance and dating scams, more than twice the amount in the year prior.

23. Over 40% of Canadians experienced a cyber security incident at the start of the pandemic

A 2020 report released by Statistics Canada focused on how online habits changed for Canadians in the first six months of the pandemic. It found that 42 percent of Canadians dealt with a cyber security incident during those first several months. These Included phishing attacks, fraud, malware, and hacked accounts. Of those who reported a cyber incident, 36 percent said they suffered a loss in terms of time, data, or money.

24. More than 1 in 10 received Covid-related phishing emails

During the same six-month period, 34 percent of Canadians experienced a phishing attack. 14 percent of respondents received phishing emails that were related to Covid-19 test results.

25. Last year, 12 percent of organizations had their data published on leak sites

Palo Alto Networks’ Unit 42 Ransomware Threat Report 2021 studied the number of victim organizations that had data published on leaked sites. Of the Canadian companies in its sample, more than one in 10 faced such a situation. This made it the second most impacted company globally, although the US was in a far worse position with 47 percent of organizations seeing their data published on leaked sites.

Table showing numbers of leaked sites.
Source: Palo Alto

26. Over half of organizations have upped security during the pandemic

The 2021 CIRA Cybersecurity Report examined how Canadian companies were responding to issues that have arisen since the start of the pandemic. It found that around 36 percent of organizations have seen a spike in the number of attacks since the pandemic began and that over 50 percent have responded with new cyber security awareness campaigns.

27. Canadian companies tend to pay when hit with ransomware

CIRA’s 2021 Cybersecurity Report found that 17 percent of respondants had experienced a ransomware attack in the previous year. Interestingly, even though most law enforcement agencies advise against it, 69 percent of victims ended up paying the ransom. Despite this, 64 percent of cybersecurity professionals support the idea of legislation that would make paying illegal.

28. Many organizations didn’t know if they had experienced a breach

CIRA asked organizations if they had dealt with a breach of employee or customer data in the past year. One quarter of organizations said they had, but 38 percent were unable to provide a definitive response.

29. No one industry accounts for the largest portion of cyber security incidents

A 2021 study by Blakes reveals information about Canadian cyber security trends in 2021. It broke down the number of attacks by industry and found three industries tied in first place at 14.8 percent: industrial/manufacturing, public service, and “other”.

Last year, professional services saw the largest portion (24 percent) of attacks. However, this now sits in fourth place, at 13.8 percent. There was a steep dropoff after this, with finance accounting for just 7.9 percent of all incidents.

Blakes also broke down the most common types of threats and discovered that ransomware was by far the most frequent, accounting for 67 percent of attacks. Next was business email compromise (18 percent) followed by wire fraud (10 percent).

30. Ontario is the hardest hit region by cyber attacks

Looking at attacks by region, Ontario was the hardest hit. However, this is the largest province in terms of population. In general, results do seem to be relative to population size.

31. Attackers took the money and ran 9% of the time

Blakes tells us that, in cases where a ransom was paid, the attackers only provided decryption keys or evidence that the victim’s data was deleted 91 percent of the time. That’s a bitter pill to swallow given that almost one-third of ransoms paid were over $250,000.

32. A cyberattack paralyzed Canada’s Collège Montmorency in May 2022

On May 11, 2022, one of Canada’s well-known colleges was hit by a cyberattack that infiltrated its computer network, leaving students and teachers unable to continue lessons while the investigation into what happened was concluded. The attack was serious enough to request intervention from the “cyberdefense operational center of Quebec, the Ministry of Cybersecurity and Digital, and the firm KPMG”.

33. Canada was the fourth-hardest hit country by cyberattacks in December 2021

The US, Germany, and France took the first three spots on Kon Briefing’s December 2021 cyberattack list with 20, 13, and 8 major cyberattacks respectively. Canada came in fourth place with 7 major attacks.

Graph showing major cyberattacks in December 2021

34. A Canadian airline was taken offline due to a security breach in April 2022

Sunwing, one of Canada’s most popular airlines, saw thousands of passengers having to cancel their travel plans due to a system-wide cyberattack that affected everything from check-in processes to inbound flights being unable to land. Sunwing’s systems are managed by a third-party passenger management provider (Airline Choice), and due to the attack disabling the entire check-in system, it left staff having to manually fill out forms to allow passengers to board, causing major delays.

35. 18 major cyberattacks were recorded in Canada in the second half of 2021

Kon Briefing recorded a significant number of cyberattacks in Canada between July and December 2021 amounting to 18 major incidents. Healthcare was the main industry in Canada targeted during this period.

Major cyberattacks in Canada for Q3 and Q4 2021

FAQs about cyber crime and cyber security in Canada

Where can I report cyber crime in Canada?

Canadian victims of cybercrime have access to both federal and local law enforcement authorities when it comes time to report their incidents. In some cases, due to the complexity of contemporary digital security threats, police from one jurisdiction may need assistance from another jurisdiction to gather evidence. To ensure that victims receive the appropriate services quickly and efficiently, it’s important for them to understand how local police stations and the Canadian Anti-Fraud Centre (CAFC) work together.

Filing Reports with Local Police Stations

If you’re a victim of cybercrime in Canada, your first action should be to file a report with your local police station. The responding officers are equipped with the skills and knowledge needed—such as forensic accounting or computer forensics—to investigate reported incidents. Typically speaking, investigations by local police into such matters will likely take more time than swift actions such as blocking stolen credit card numbers or posting notifications on websites. That being said, depending on the circumstances surrounding an incident, officers may be able to issue warning letters or immediately freeze bank accounts that were illegally accessed.

Reporting Incidents to the CAFC

In addition filing reports with their local police station, victims can also contact the Canadian Anti-Fraud Centre (CAFC). This agency operates jointly between Canada’s Competition Bureau and Royal Canadian Mounted Police (RCMP), offering Canadians advice on various areas of fraud prevention and detection. The CAFC also provides resources for those who want to report or investigate instances of fraudulent activity in Canada. By filing a separate report with the CAFC at , victims can add valuable information to an online database that is shared amongst law enforcement agencies across Canada; this allows information collected through separate incidents involving similar topics—such as scams using fake identities—to be used towards solving other crimes like identity theft. Furthermore, not only does contacting the CAFC provide support for law enforcement operations, but it can also serve as an additional source for collecting evidence for insurance claims related to your case.* *The RCMP recommends that any information gathered from fraudulent cases should not serve as sole evidence when filing insurance claims; contact professional service providers such as private investigators instead.*

What is the punishment for cyber crime in Canada?

When it comes to cybercrimes in Canada, perpetrators need to understand the criminal consequences they face when breaking the country’s laws. In particular, those convicted of breaching Section 430(1.1) of Canada’s Criminal Code will be subject to severe penalties – ranging from up to 10 years imprisonment to life in prison if their actions are determined to endanger human life.

What is Section 430(1.1)?

Section 430(1.1) is a part of Canada’s criminal law that deals with property damage or public mischief caused by computer hacking or other illegal activities related to the misuse of technology. Examples include altering and destroying data, intentional denial-of-service attacks, malicious software (malware) dissemination, and other similar offenses found within this section of the Canadian legal framework.

The law is designed as a form of deterrence against cybercrime, as it provides authorities with an unambiguous way to protect citizens from increasingly sophisticated digital attacks that can cause great financial losses and—in some cases—dangerous interruptions in essential services such as transportation networks, power grids, and government infrastructure systems.

Is Canada a good place for cyber security professionals?

Due to the impact of the covid-19 pandemic on cybercrime and a rise in ransomware attacks, cybersecurity professionals are more in-demand than ever – especially across the Canadian government.

What are some common types of cybercrime in Canada?

Cybercrime in Canada can take many forms, but some of the most common include the following:

1. Phishing scams: These involve fraudulent emails or websites designed to trick people into handing over sensitive data like credit card numbers, passwords, or bank account information.

2. Identity theft: This occurs when someone uses your personal information without your permission to commit fraud or other crimes.

3. Cyberstalking: This involves using the Internet or other electronic means to harass, threaten, or intimidate someone.

4. Denial of service attacks: These occur when a person or group attempts to overload a website or server with requests, making it unavailable to others

What is the Canadian government doing to prevent cybercrime?

The Canadian government constantly looks for new ways to protect its citizens and businesses from cybercrime. To that end, it has implemented a range of measures to prevent and investigate cybercrime occurrences.

The first measure is the creation of a dedicated Cybercrime Strategy Unit within the Royal Canadian Mounted Police (RCMP). This unit works closely with other law enforcement organizations, nationally and internationally, to identify and prosecute perpetrators of cybercrimes.

In addition to this, the government has launched the National Cybercrime Coordination Centre. This center brings together various law enforcement, government, and industry partners to share important information related to ongoing investigations and activities to prevent cybercrime. Furthermore, the Canadian Centre for Cyber Security provides resources and advice to businesses and individuals on protecting themselves from cyber-attacks. This includes best practices for avoiding phishing scams and up-to-date information about security patches and malware threats.

To ensure that organizations can respond quickly and effectively should they be subjected to a cyber incident, the government has also developed a comprehensive Cyber Incident Response Plan. Every organization affected by such an event can then use this plan as their go-to resource to address any immediate issues before launching further investigations into what happened.

Finally, police forces across Canada are benefiting from increased funding which allows them access to more personnel and technology when it comes to investigating and prosecuting cases of cybercrime – something that was previously hindered due mainly to limited budgets.

Are There Any Known Hacker Groups in Canada to Be Aware of?

Hacker groups have become increasingly active in Canada in recent years, with some of the most prominent being DEFCON Toronto (DC416), Cyber Tech & Risk, and Hack The. These groups focus on ethical hacking and provide members with resources to learn more about computer technology and related legal issues.

In addition, a new criminal hacking group has recently emerged that is claiming to have stolen data from firms in both Canada and the U.S. This group is currently unidentified, but their activities are still concerning. Other hacker groups, such as Anonymous, have also tried to clear someone’s name of a crime when needed.

Moreover, a relatively new hacking group called Karakurt has also alleged that it launched cyberattacks against Canadian organizations recently. In addition, an ex-Canadian government IT worker recently admitted to having worked for a Russian cyber-crime group at one point in his life – talk about going from working for the government to becoming an outlaw!

On top of all this activity, Amnesty International Canada was also hit by a cyberattack out of China last summer. Another Massachusetts-based cybersecurity firm warned shortly afterward that Chinese-based hacking groups were known to target Canadian organizations, too – proving that you should always keep up with your security protocols!

Overall, individuals should be aware of numerous hacker groups operating in Canada if they want to protect themselves from any potential cyberattacks. Therefore, it is important for everyone living within the country to stay up-to-date with the latest news regarding these hacker groups so they can reduce the risk of falling victim to them–and if nothing else, it’s another great excuse to brush up on your coding skills!

What are the major challenges in combating cybercrime in Canada?

Canada is facing some tough challenges when it comes to dealing with cybercrime. The ever-changing nature of cyber threats, the international scope of cybercriminal operations, complex investigations, and a shortage of skilled cybersecurity professionals are all factors that contribute to these challenges. Additionally, the need for cross-border cooperation and the complicated legal jurisdictions make prosecuting cybercriminals difficult. To add to all these challenges, cyberattacks are becoming more sophisticated, and new attack methods are emerging, making it even harder to combat cybercrime in Canada.

See also: