The CIRA Cybersecurity Survey 2022 said that Canadian organizations had more difficulty warding off cybercriminals last year than in pre-pandemic times. Nearly 30% of companies experienced a data breach, and 15% lost reputation and customers after an attack.
Scarborough Health Network, or SHN, released a breach notice in early 2022 warning that a cyberattack might have exposed sensitive patient data and healthcare records.
According to the notice, IT staff reported unusual activity on the system in January, which IT forensics experts later investigated. The investigation revealed that malicious parties accessed a subset of data on many SHN servers. The leaked data included patient names, birth dates, email addresses, home addresses, lab reports, diagnosis information, insurance details, and more.
This breach underlines the recent spate of attacks on healthcare infrastructure. While it did not impact critical services, it signalled the possibility of more attackers setting their sights on such crucial data.
In May 2022, according to IKEA, a rogue employee accessed close to 100,000 customers' private data with just a generic search using a network computer. While IKEA proactively contained the damage and prevented data leaks, the incident highlighted the risk of internal threats.
The Canadian arm of the Japanese company Panasonic came under siege in February in a coordinated attack that affected its internal systems, processes, and networks. This attack followed a data breach six months earlier, when Panasonic confirmed that third parties had accessed its networks and data. While Panasonic did not release any more information, the Conti ransomware gang took responsibility for the attack. It claimed to have stolen 2.7 GB of HR and accounting data.
Canada's Foreign Affairs department experienced an attack the same day the Canadian Centre for Cyber Security issued a warning against Russia-sponsored cyber threats. While the CSE found no link between this attack and Russia, it remained cognizant of Russian cyber activity. Authorities took immediate action to restore all the affected services and prevent future attacks, and the government declined to offer specifics due to the matter's sensitive nature.
Winpak Ltd is a plastic packaging giant with manufacturing plants in Canada, the US, and Mexico. In a sophisticated ransomware attack, hackers infiltrated their Canadian infrastructure. They disrupted essential services, including order processing, email, and phone services. It took two weeks for Winpak to return to normalcy. A third-party team of cybersecurity experts conducted a thorough investigation to assess the damage and prepare an incident response plan.
The IMP Group is part of a consortium of companies bidding to assemble the Saab Gripen, a fighter jet, in Nova Scotia. But a computer virus that infiltrated its system via email led to serious contingency issues for the company. The virus got through the firewalls in the monitoring system and into the network, considerably slowing down the company's servers. While the group expunged the virus, it had to scan all the servers for signs of any intrusions. The company remained tight-lipped about who was behind the incident, but the intrusion was a confirmed ransomware attack.
While Elgin County officials refused to share details, a cyberattack reportedly rendered their website and email services inactive for weeks. This disruption hampered the work of several departments by erasing official means of correspondence and affected the library's central computer system. Such attacks in the past have proven expensive for Canadian counties, with Stratford forced to pay a ransom of $75,000 and Woodstock City having to pay out $667,000 to get their systems back up.
A widespread system outage disrupted day-to-day operations at the University of Windsor, affecting campus applications such as email, Blackboard, the UWin student portal, and the university website. UWin took immediate steps to secure its systems and mitigate the impact by bringing in a team of qualified cybersecurity experts to conduct a detailed investigation. This attack impacted many Spring and Summer term students who were writing their exams and needed access to the portals.
The global threat landscape has altered in the past few years. There has been a significant increase in attacks on public infrastructure, healthcare systems, and educational institutions, signalling the criminals' bold attempts at institutional-level disruption. Not only have criminals gotten more sophisticated and advanced, but they have also become more coordinated in their attacks on the system. Institutions must take proactive steps to secure their digital infrastructure to prevent, mitigate, and remediate such attacks.
© 2024 Packetlabs. All rights reserved.