Canada is expected to face a sustained rise in ransomware attacks over the next two years, with artificial intelligence making cybercrime easier, faster, and more difficult to detect, according to a newly released federal report.
The warning comes from the Canadian Centre for Cyber Security, which published its Ransomware Threat Outlook 2025–2027 on Wednesday. The report provides an updated assessment of how ransomware threats are evolving and which sectors are most at risk across the country.
Ransomware refers to malicious software used by cybercriminals to lock, damage, or leak a victim’s data unless a ransom is paid. As described by Microsoft, attackers often exploit compromised systems to extort money, disrupt operations, or publicly expose sensitive information.
According to the Cyber Centre’s findings, advances in artificial intelligence are accelerating this threat. AI tools have reduced the cost and technical barriers to launching ransomware attacks, allowing criminals to automate tasks, craft more convincing phishing campaigns, and evade traditional security defenses.
Because of this shift, the report warns that Canadian organizations of all sizes and sectors as well as individual users are increasingly vulnerable. However, critical infrastructure operators and large corporations continue to be the primary targets due to their operational importance and ability to pay large ransoms.
“Ransomware is big business,” said Rajiv Gupta, head of the Cyber Centre, in an accompanying statement. He emphasized that as cybercriminals adapt and leverage emerging technologies like AI, public awareness and preparedness are more important than ever. Gupta added that the Cyber Centre is working to stay ahead of these evolving threats to protect Canada’s digital security and resilience.
The data underscores the scale of the problem. The report notes that reported ransomware incidents rose by an average of 26 per cent each year between 2021 and 2024. Financial losses have also surged: recovery costs linked to cybersecurity incidents reached an estimated $1.2 billion in 2023, a dramatic increase from the roughly $200 million recorded between 2019 and 2021.
Further evidence comes from Statistics Canada, whose Canadian Survey of Cyber Security and Cybercrime found that 13 per cent of businesses affected by cyber incidents in 2023 identified ransomware as the attack method up two percentage points compared with 2021.
In light of these trends, the Cyber Centre is urging Canadian businesses, public institutions, and individuals to strengthen their cyber defenses, improve incident response planning, and invest in resilience measures to better withstand future attacks.
