CyberSecurity: state of CyberSecurity in Canada in 2Q2023

COMUNICATO STAMPA

CYBERSECURITY: STATE OF CYBERSECURITY IN CANADA

IN 2Q2023

Exprivia's quarterly report records more than twice as many cybercrime cases as in the first

months of the year. Software/hardware sector among hardest hit by hackers. Education industry at

risk of attacks.

01/08/2023- Attacks on the rise in the second quarter of the year in Canada. That's according to the new 'Threat Intelligence Report'compiled by Exprivia's Cybersecurity Observatory, which looks at 40 open sources including sites of affected companies, public sites of national interest, online news agencies, blogs and social media.

According to the report compiled by the Puglia ICT group, there was a steady increase in cybercrime incidents between April and June, with 167 total cases, more than double the 65 in the previous quarter. Specifically, there were 107 attacks (+197% from 36 in the previous quarter), 57 incidents - that is, successful attacks - about +148 percent from the previous 23, and 3 privacy breaches (down 50% from 6 last quarter).

"We are facing a scenario of steady growth in cybercrime phenomena. The relationship between incidents and attacks, on the other hand, remains constant as does the number of privacy violations according to current laws in Canada," comments Domenico Raguseo, Exprivia's Cybersecurity Director. More effective defense systems are of fundamental importance."

For the experts of Exprivia's Cybersecurity Observatory, which is committed to promoting the culture on cybersecurity also through training courses, the sector most targeted by attackers in the second quarter is 'Software/Hardware' (ICT companies, digital services, e-commerce platforms, devices and operating systems), with about 46% of cases (76) and a peak in April. In second place was 'Finance' (financial companies, banking institutions or cryptocurrency platforms), which rose from 9 phenomena in the first quarter to 22. In third place is 'Retail', or that market which includes sales activities by a company to the end consumer, which from only 1 occurrence recorded in the first three months of the year marks 21 between April and June. The 'Others' sector remains constant, compared to the first quarter of the year, settling at 11 security cases. The 'Multiple' sector closes the ranking with 7 phenomena.

1

COMUNICATO STAMPA

Maintaining the top spot among the main types of damage caused by hackers is data theft with 68% of total cases (167), up about 176% from the previous quarter. Data theft consists of the illegal storage or transfer of personal, financial, or proprietary information such as passwords, software codes, algorithms, and processes causing serious consequences for the affected individuals or organizations. In second place is service disruption (the stopping of normal operation of a network, application or software service) with about 13% of cases, showing an increase in relation to about 8 percent in the previous quarter. This is followed by the demand for money, with a percentage increase of about 78% compared to the previous quarter; while damage to privacy, i.e., disclosure of data by third parties without the consent of the data subject, covers 5% of the total.

The most common attack technique among attackers appears to be malware (malicious software that compromises or disrupts the use of devices), with about 57% of total cases (94 occurrences compared to 30 in the previous quarter and an increase of 213%); attacks via phishing/social engineering, i.e., luring in the network or via email of distracted or unaware users, the main type of attack, also increased, ranking second with 21 cases compared to 18 recorded between January and March 2023. In addition, there is an increase in ransomware malware, which renders data inaccessible on infected systems resulting in ransom demands for payment to restore them.

According to Exprivia's report, cybercrime remains the top threat to network security in Canada, with 141 occurrences and a 147% increase over the previous quarter. Close behind is hacktivism (criminal activity for the purpose of promoting a political or social cause), which reports 12 occurrences, and data breach (security breaches involving destruction, loss, modification, unauthorized access or disclosure of personal data) with 10 security cases.

According to evaluation indexes compiled by Exprivia's Observatory, the IoT networked devices (about fourteen million) at greatest security risk are printers, while the sector most exposed to attacks - thus where there is less investment in cybersecurity - is Education. A fact that could be strongly influenced by the speed with which companies in this area deal with technological progress and that does not always go hand in hand with the protection of the new solutions introduced.

2

COMUNICATO STAMPA

Exprivia

The Exprivia Group, specializing in Information and Communication Technology, is among the leading players in digital transformation.

Backed by a wealth of expertise gained in more than 30 years of constant presence on the national and international market, Exprivia employs about 2,400 people in six countries around the world using a team of experts in different areas of technology and digitization: from Artificial Intelligence to Cybersecurity, Big Data, Cloud, IoT, BPO, Mobile, Networking and Collaboration, entirely presiding over the SAP world.

Listed on the Italian Stock Exchange since 2000 on the Euronext market (XPR), Exprivia supports its clients in the Banking, Finance&Insurance, Aerospace&Defence, Energy&Utilities, Healthcare and Public Sector, Manufacturing&Distribution, and Telco&Media sectors. The group's design capability is enhanced by a strong partner network, proprietary solutions, design, engineering and custom consulting services.

The company is subject to the management and coordination of Abaco Innovazione S.p.A.

www.exprivia.com

Contatti

Exprivia SpA

Investor Relations

Gianni Sebastiano gianni.sebastiano@exprivia.it

T. + 39 0803382070 - F. +39 0803382077

3