Create a free Collision Repair Mag account to continue reading

Cybercrime: Half of Canadian SMEs attacked, report finds

Cyber

Article Summary

More than half of Canadian small businesses have experienced cyberattacks, with phishing being the most common threat followed by malware, fraud, and ransomware. Average losses range from $89,000 for phishing to $330,000 for ransomware, with 40 percent of affected businesses reporting losses exceeding $100,000.

  • Over 50% of Canadian small businesses surveyed reported experiencing a cyber incident
  • Phishing is the most common attack type, followed by malware, fraudulent transfers, ransomware, and DDoS attacks
  • Average financial losses: $89,000 (phishing), $118,000 (fraud), $330,000 (ransomware)
  • 40% of affected businesses reported losses exceeding $100,000
  • Essential defenses include multi-factor authentication, software patching, network segmentation, staff training, and incident response planning

Toronto, Ontario -- To kick-off Cybersecurity Awareness Month, Zensurance is releasing the results of a survey found that more than half of small businesses in Canada say they have experienced a cyber incident. 

The survey of 1,000 small businesses reports phishing as the most common incident type, followed by malware, fraudulent fund transfers, ransomware and distributed denial of service disruptions. 

  • Phishing: fraudulent messages, often emails or texts, that trick recipients into giving away passwords, financial details or clicking malicious links
  • Malware: software installed without consent that disrupts, damages or steals information from computers or networks
  • Fraudulent fund transfers: scams where criminals trick businesses into sending money to the wrong account, often through fake invoices or impersonation
  • Ransomware: malicious software that locks access to systems or data until a ransom is paid
  • Distributed Denial of Service: attacks where criminals flood a system or website with traffic to overwhelm it and shut down operations

Zensurance reports average losses of US$89,000 from phishing, US$118,000 from fraud and US$330,000 from ransomware, and says 40 percent of affected businesses reported losses over US$100,000. The company also warns that many entrepreneurs underestimate their risk and that one missed software update or one click on a fraudulent email can be catastrophic.

The news comes following a rash of cybersecurity incidents within the automotive and automotive aftermarket sectors. 

This month, OEM Renault confirmed that customer contact and vehicle information -- including names, addresses, phone numbers, VINs -- was stolen in a breach of a third-party data processing supplier.

Last month, Jaguar Land Rover was hit by a major cyberattack that shut down operations worldwide, including parts supply, manufacturing and IT systems.

Earlier this year, AutoCanada, a large Canadian automotive retail group, disclosed a cyberattack that impacted its internal IT systems. Details are limited; it is not yet clear whether customer data was accessed or whether operations were widely disrupted.

Collision shops face several clear exposures that can be exploited by cybercriminals. Repair management systems and customer databases contain names, addresses, vehicle identification numbers and insurance details that are attractive to criminals. Networked tools such as OEM portals, ADAS calibration rigs and diagnostic tablets often require authenticated access that, if compromised, provides a foothold into shop systems. A ransomware event can halt operations for days or weeks and cost more in lost revenue than in ransom demands.

There are practical steps shop owners can take now to reduce risk and preserve business continuity. Start with basics: enable multi-factor authentication on email, shop management and any remote access; keep operating systems, firmware and software patched; segment your network so diagnostics and equipment sit separate from office and guest Wi-Fi; enforce least privilege so technicians do not run with admin accounts they do not need; and maintain regular, isolated backups that cannot be reached from the main network. Train staff to recognize phishing and social engineering attempts and run periodic simulated phishing tests to keep awareness high.

To reduce risks, collision repair facilities should also review cyber liability insurance to understand what is covered and what is not, and to factor potential downtime and third-party costs into decision making. Put an incident response plan in place that names who does what, who to call and how to restore operations from backups. If budget allows, bring in a third party for vulnerability scanning or a penetration test. Monitoring logs and alerts will help detect suspicious activity early and reduce damage.