This website uses cookies for a range of purposes to help us understand your interests and improve the website. By using our website, you acknowledge the use of essential cookies and consent to the use of non-essential cookies, as described in our Cookie Policy. To understand more about how we use cookies or to change your preference and browser settings, please see our Cookie policy

Back toPresentations and Speeches
Advanced
Filters

Impact of the Russian Invasion of Ukraine on Cybersecurity in Canada

Observations From Cybersecurity Experts

  • Following the invasion of Ukraine, we have seen significant shifts in organization and approaches taken by cyber-attack perpetrators, both in Russia and around the world.
  • Hacker groups have experienced significant infighting and been plagued by internal political conflict.
  • We have also seen a decrease in attacks involving Western countries, as threat actors appear to be focusing their attention on Ukrainian and Russian targets. However, this downtick is likely only temporary.
  • Hackers will continue to mobilize and attacks are likely to become more varied and sophisticated as the conflict continues.

The Impact of Canada’s Sanctions Program

  • Canada’s Russian sanctions program is likely the most complex and impactful sanctions regime of its kind in our modern history.
  • The recent wave of sanctions has somewhat complicated how companies can best respond to attacks and may make it more difficult to negotiate ransom payments. Once a threat actor or group engaging in ransomware attacks is listed on a sanctions list, Canadian entities cannot do business with them (including by way of a ransom payment).
  • Issues may also arise where an entity contemplates a ransomware payment involving a sanctioned financial institution.
  • The sanctions, while not outright embargos or wholesale bans on trade, investment and services, have been initiated against Russia in coordination with Canadian allies.
  • However, countries are implementing different measures and in different ways, making it challenging for entities to effectively screen threat actors to ensure that they are not sanctioned.

Cyber-insurance Coverage

Act of War Clauses

  • More organizations are turning to their insurers for coverage to help insulate against losses and costs associated with paying ransomware demands.
  • Insurers have made and are likely to continue to make use of “act of war” exclusions to deny coverage related to cyberattacks.
  • Consideration must be given to such exclusions, which create carve-outs in coverage for losses caused by war-related events.
  • The application of such clauses will depend on their wording, the characteristics of the incident and insurers’ ability to prove that an incident can be linked to a foreign government as an act of warfare.

 Effect on Premiums and Underwriting Criteria

  • A rise in claims in recent years has meant a rise in insurance premiums. Cyber insurance rates have recently risen by 130% in United States and 92% in the United Kingdom.
  • Insurers have also started tightening underwriting criteria, enacting additional controls and strict requirements before awarding cyber policies.

Proactive Protections

  • Canadian entities must be organized and proactive in taking steps to protect their networks. A focus on the right technology, knowledge and expertise, set out in a strategic risk management plan, will serve as the best defence against attacks.

 

Authors