Ransomware attacks to rise 40% by 2026, report shows 

New year, new cyber threat forecast.  

Ransomware attacks could rise sharply in 2026, according to the latest report from QBE Canada. The business insurer expects the number of ransomware victims publicly named on leak sites will rise from 5,010 in 2024 to more than 7,000 by the end of 2026. 

This represents a five-fold increase since 2020.   

Though the threat of ransomware may increase, it’s certainly not new. Canada experienced 30 significant disruptive cyber incidents over the past two years — that’s 6.7% of the 447 incidents globally. 

QBE Canada’s report also shows government and administrative systems were the most targeted sector globally between August 2023 and August 2025, accounting for 19% of all incidents.  

IT and telecommunications followed at 18%, while manufacturing, logistics and transport sectors together represented 13%.   

The forecast 

The threat landscape will be influenced by several factors in 2026, the report says. 

“The risk landscape is shifting substantially as Canadian businesses expand their use of cloud infrastructure and AI tools,” says Kyle Gray, QBE Canada’s technical underwriter and team lead for cyber. 

The report suggests quick adoption of AI and cloud platforms by large numbers of businesses could increase digital vulnerabilities. For example, in 2024, deepfakes were a factor in nearly 10% of successful cyberattacks, with losses from $250,000 to $20 million. 

Plus, in 2025, the volume of data stored worldwide is projected to reach 200 trillion gigabytes, which means cloud providers and storage services could become appealing to attackers.   

“Outsourcing parts of a business is common and can create greater efficiency and save time. However, it is vital to have a clear knowledge of your suppliers and remain aware of their vulnerabilities,” says Gray. “Each third-party connection creates new risk, and a single point of failure can halt business operations altogether.” 

What’s more, generative artificial intelligence (GenAI) usage is expected to surge in North America over the next five years, further influencing businesses risk profiles.  

Specifically, 78% of organizations indicate they are deploying AI in at least one business function in 2025. Yet cybercriminals are also using that same tech for fraud purposes.  

“GenAI threats have manifested in automated phishing attacks, identity fraud and deepfake scams,” the report says, and “it also lowers the technical barriers for entry-level cybercriminals.” 

Why innovative customer experience will define the future of personal auto insurance Image

Insights Paid Content

Why innovative customer experience will define the future of personal auto insurance

Technology is helping insurers reimagine how they support personal auto customers — and it starts the moment a collision is reported, say experts at Accident Support Services International.

By 

Sponsor Image

The answer 

There are ways for businesses to reduce their risk of cyberattacks. And the insurance industry can assist.  

With cloud and AI tools opening the door for cyber attackers, businesses can embed strong cyber risk management into their technology from the start. Some options to do that include: 

1.    Implementing strong identity and access management protocols   
2.    Running regular configuration audits   
3.    Encrypting sensitive data across all cloud environments.  

“Also, continuous monitoring, threat intelligence, and incident response plans help detect and contain threats before they escalate,” the report says. “In addition, businesses should evaluate the security posture of their third-party providers and establish clear protocols for managing supply chain exposure. “ 

Alyssa DiSabatino

Alyssa Di Sabatino has been a reporter for Canadian Underwriter since 2021, covering industry trends, market developments, and emerging risks.