On December 6, 2021, the federal ministers of Defence, Public Safety, Emergency Preparedness and International Trade, Export Promotion, Small Business, and Economic Development (the Ministers) released an open letter to Canadians discussing the rise of ransomware attacks and offering guidance for organizations to curb this trend. Among the resources included in the letter, the Ministers refer to a Ransomware Playbook recently published by the Canadian Centre for Cyber Security (the Cyber Centre).

In the open letter, the Ministers discussed the significant rise of ransomware threats targeting small and medium-sized businesses, health care organizations, utility organizations, and municipalities. During these attacks, threat actors would lock the organization out of its systems and only allow access once a payment is made, usually in a form of digital currency. To assist Canadians in this matter, the Ministers are working to provide the public with specific advice and guidance.

The Cyber Centre’s Ransomware Playbook is one of the newly released resources for Canadian organizations to better prepare against ransomware. The Playbook provides organizations with a basic understanding of the landscape and guidance on important issues, such as whether they should pay a threat actor’s ransom. It also includes suggestions on proper measures for organizations to mitigate the impact of these incidents. The Playbook is organized into the following two sections:

  1. How to defend against a ransomware attack, such as using
    1. cyber defence planning strategies like the implementation of backups systems and incident response plans; and
    2. cyber security controls throughout the organization’s network to add further protection.
  2. How to recover from a ransomware attack, including
    1. immediate response actions to bring an organization’s system back under control after an attack; and
    2. recovery actions that will help an organization successfully rehabilitate its business for the long-term.

In closing the letter, the Ministers urged Canadians to take cyber security seriously and develop a proper protective infrastructure with updated technology measures that will make them well-prepared in their response to such incidents.

Summary By: Imtiaz Karamat


21 12 22

Disclaimer: This Newsletter is intended to provide readers with general information on legal developments in the areas of e-commerce, information technology and intellectual property. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information contained in this newsletter without seeking legal advice.

E-TIPS is a registered trade-mark of Deeth Williams Wall LLP.