Canadian Ministers Issue Open Letter On Ransomware And Ransomware Playbook

Canadian Ministers Issue Open Letter On Ransomware And Ransomware Playbook

M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on E-TIPS™ For Deeth Williams Wall LLP on December 22, 2021.

On December 6, 2021, the federal ministers of Defence, Public Safety, Emergency Preparedness and International Trade, Export Promotion, Small Business, and Economic Development (the Ministers) released an open letter to Canadians discussing the rise of ransomware attacks and offering guidance for organizations to curb this trend. Among the resources included in the letter, the Ministers refer to a Ransomware Playbook recently published by the Canadian Centre for Cyber Security (the Cyber Centre).

In the open letter, the Ministers discussed the significant rise of ransomware threats targeting small and medium-sized businesses, health care organizations, utility organizations, and municipalities. During these attacks, threat actors would lock the organization out of its systems and only allow access once a payment is made, usually in a form of digital currency. To assist Canadians in this matter, the Ministers are working to provide the public with specific advice and guidance.

The Cyber Centre’s Ransomware Playbook is one of the newly released resources for Canadian organizations to better prepare against ransomware. The Playbook provides organizations with a basic understanding of the landscape and guidance on important issues, such as whether they should pay a threat actor’s ransom. It also includes suggestions on proper measures for organizations to mitigate the impact of these incidents. The Playbook is organized into the following two sections:

  1. How to defend against a ransomware attack, such as using
    1. cyber defence planning strategies like the implementation of backups systems and incident response plans; and
    2. cyber security controls throughout the organization’s network to add further protection.
  2. How to recover from a ransomware attack, including
    1. immediate response actions to bring an organization’s system back under control after an attack; and
    2. recovery actions that will help an organization successfully rehabilitate its business for the long-term.

In closing the letter, the Ministers urged Canadians to take cyber security seriously and develop a proper protective infrastructure with updated technology measures that will make them well-prepared in their response to such incidents.