True Patriot Love - June 19, 2026


[Sneak Peek] What really happens when a company gets hacked?


Episode Stats


Length

9 minutes

Words per minute

190.48

Word count

1,848

Sentence count

22

Harmful content

Hate speech

3

sentences flagged


Summary

Summaries generated with gmurro/bart-large-finetuned-filtered-spotify-podcast-summ .

Transcript

Transcript generated with Whisper (turbo).
Hate speech classifications generated with facebook/roberta-hate-speech-dynabench-r4-target .
00:00:00.000 Every day, businesses across Canada are under attack, not by thieves with crowbars, but by
00:00:05.780 sophisticated cyber criminal networks operating around the world. Groups with names like Shiny
00:00:11.380 Hunters and Q-Lin have turned hacking into a multi-billion dollar industry, stealing sensitive
00:00:17.600 data and holding it hostage for ransom. Global ransomware damages are now estimated in the tens
00:00:23.620 of billions of dollars annually, and Canadian organizations from hospitals to insurers to
00:00:29.120 small businesses continue to find themselves in the crosshairs. When a company's data is stolen,
00:00:34.980 should they pay the ransom and protect the customers and keep it operating? Or does paying
00:00:40.260 simply fund the next attack? Joining us today is Arani Adhikari from Armour Cyber to explain how
00:00:46.780 these criminal networks operate and what Canadians need to know. How have ransomware groups evolved
00:00:57.440 from small-time hackers into sophisticated organizations,
00:01:01.380 ones that can successfully target major corporations,
00:01:05.360 governments, and critical services and infrastructure
00:01:08.660 and tear it down so quickly.
00:01:11.500 I'm Mike Wixson. This is tplmedia.ca.
00:01:14.380 Go to tplmedia.ca local and find your local feed if you'd like.
00:01:18.380 And don't forget to subscribe and tell a friend about what we're doing.
00:01:22.020 Let's talk about ransomware and cybercrime.
00:01:25.820 Joining me today, Arani Adhikari from Armor Cyber.
00:01:29.660 Thanks so much for joining me, man.
00:01:30.860 I appreciate this.
00:01:31.560 Thank you for having me over here.
00:01:32.340 Okay, why don't we start at the begin, okay, where the average person gets the story.
00:01:38.460 Yep.
00:01:38.860 So I've just read in the newspaper that a major insurance company in Canada, for example, has been hit.
00:01:43.720 Their data has been targeted, and they have been hacked.
00:01:46.580 It's usually the insurance company telling us this to make us aware as consumers that this has happened.
00:01:51.660 but tell me what has led up to that moment what happened that made the insurance company
00:01:58.860 have to make this announcement take take us through that perfect so let's let's bring down
00:02:03.520 a couple of things let's start off with the hacking group itself right let's talk about
00:02:07.260 the evolution of ransomware and then we'll get to how this happens yeah uh you know 10 15 years back
00:02:13.460 right ransomware was not a term that was used a lot right because there were hacker groups that
00:02:19.120 we're hacking for a specific objective right now over time it has become a full flown economy
00:02:25.540 right so there are gangs out there that are operating uh with the with the scheme of extortion
00:02:30.880 right so a ransomware a very technical term but if you break it down it's extortion gang
00:02:35.440 right what does extortion gang do they are coming in they're hacking into a company they're holding
00:02:40.020 your servers your data ransom and they're asking for payments they're asking like hey if you don't
00:02:46.080 pay me xyz dollars we are going to release this data or we're not going to give it back
00:02:50.200 now this evolution that has happened it's not overnight right there are a lot of uh you know
00:02:57.480 cybercrime gangs that have been operating in various models in canada in globally and you
00:03:02.560 don't necessarily need to be in canada to operate this thing they can operate from anywhere in the
00:03:06.120 world today and target companies everywhere now the news article that you talked about a local
00:03:11.420 small insurance company that got hacked small medium businesses are the one of the one of the
00:03:16.740 most prolific victims of these gangs why because they do not have the basic security controls
00:03:23.100 required to prevent them from coming in the first place right right and we're going to talk about
00:03:26.700 those things but we talked about qlin as an example we were dealing with a qlin case as of
00:03:32.300 last week it's a small company 50 people around 50 people 50 employees right they have basic security
00:03:39.740 controls right so they invested in security but with the with an intent that just to check the
00:03:44.400 box right so they had basic antivirus basic things covered Q-Link specific again the way we as you
00:03:51.000 know we from the industry know these hacker groups is they use specific techniques and targets and
00:03:57.020 tools while they're coming in so when they came in right they came into a specific user the user
00:04:02.600 did not have a multi-factor authentication so that's essentially the password when you put in
00:04:06.460 password you get that sms token saying hey this is the one-time password for getting in the user
00:04:11.020 did not have that set up right so they basically did what something known as a phishing that's
00:04:15.740 another type of a technique where they are able to get your username password they use that got
00:04:20.780 in that one user account now unfortunately that user account had a lot of privilege when i say
00:04:25.260 privilege they had a lot of the ability to change and get access to data and files exactly and once
00:04:30.700 they were in that was game over right because they could then encrypt all the machines now we got the
00:04:35.580 call generally when the news article hits right hey we have been blocked we can't do business
00:04:41.180 can you help us get back in right that's when we get involved right and and take it from there now
00:04:46.540 a company to do actually a you know a news article that means they were already breached
00:04:51.100 they're proactively talking about it okay so i think a lot of canadians myself included uh
00:04:55.980 would envision these hackers as individuals in a basement someplace a single individual
00:05:01.340 uh with this ability this super cyber ability to get in and wreak havoc is that the case or are
00:05:08.140 these more sophisticated operations than that 10 15 years back that would be the case now imagine
00:05:14.380 a call center it's a full operation you have a hr you have management you have you have a scheduling
00:05:19.340 manager you have people actually doing the job you have marketing think of these sort of
00:05:24.140 organization as a full-fledged organization doing these things now these are full-fledged
00:05:29.980 corporations that are out there and their sole purpose is to cause problems absolutely they are
00:05:38.620 they not only have up right that's that's one of the objective but think about it it's it's a money
00:05:43.340 motive driven organization right so you have revenue coming in from all this extortion there's
00:05:47.580 a cost of getting all the tools and techniques to do these attacks right there is a people cost
00:05:52.700 labor cost of people who are involved in this operation so you have to manage them in a specific
00:05:57.340 big way right so ransomware again you know that evolution that we keep talking about it has evolved
00:06:02.000 into a full-fledged corporation with the motive of profit through ransom yeah okay so now these
00:06:08.700 these extortion machines who are they going after like what is an ideal target for uh you know
00:06:16.920 shiny hunters or clop or or clin you know so based on our experience of the cases that we
00:06:24.240 investigated right none of them have a specific target profile they go after anyone and everyone
00:06:29.840 that's number one but number two once they go after the entire machinery the people who actually
00:06:35.440 fall victim to this are majority of the businesses which are small and medium and the reason i say
00:06:40.800 small and medium and it hurts me to say that right because these are people who have built their
00:06:44.880 business these are individuals that are suffering individuals who are suffering we have dealt with
00:06:50.160 cases where business had to have shut down right because of ransomware attack right and uh again
00:06:56.240 it hurts me to kind of say that but smaller and the medium businesses are the ones who get targeted
00:06:59.840 a lot right because these gangs will go after everybody but someone will fall and the ones
00:07:05.440 will fall are the small mediums now why is their defenses are not that great right when you talk
00:07:12.080 about a big bank a large institution you know a large you know any large business they have enough
00:07:17.840 budget and they have no manpower to invest in cyber that's why i think i'm always a little
00:07:24.240 shocked that it's an insurance company or a credit card company or a large online retailer that's been
00:07:30.160 fallen victim because you think wait a minute i saw all the warnings on their site i clicked on
00:07:35.360 everything and i you know it seemed very safe and certainly uh that must be a level of sophistication
00:07:41.200 that is required that's not necessarily required for the smaller businesses exactly right think
00:07:46.480 about it you know cyber is a problem that's not always solved just by throwing money at it right
00:07:50.560 it needs to be done proper right when exactly what you said the large organizations when they fall
00:07:55.040 for it it's not because they're not invested in cyber they have not just invested in the right
00:07:58.960 direction they might have invested in very shiny tools no pun intended on shiny hunters but a lot
00:08:04.320 of shiny tools that they have bought but they're not using it properly so there's no roi right so
00:08:08.240 they have all of these perfectly the right software yeah but not set up not actually in the the manner
00:08:14.560 that's required to yeah no not from a people perspective so you know our business we call it
00:08:18.800 a people process technology right you can't have the tech but you don't have the people and the
00:08:22.960 process the right people in the right process that's just a shiny piece of tech just sitting
00:08:27.280 around doing nothing right so a lot of the big ones that we see and we investigated a lot of
00:08:31.040 the bigger guys is well the reason that happened was that one process that was not working or that
00:08:36.800 one piece of endpoint so say for example a very tactical example you have bought the best antivirus
00:08:42.560 out there and you have 100 machines that you need to be put on now you have put it on 80 of them
00:08:48.080 20 of them you have forgot to put it on because of whatever reason it is right that's that's the 1.00
00:08:53.240 chink in the armor where they're going to get in from that's the one that's the one crevice by 1.00
00:08:56.800 which they can manage to get in uh okay so now let's try to understand for the average person 0.66
00:09:02.600 uh i'm a business owner i've arrived to work or i've gotten a call from my
00:09:06.640 IT guy and they say to me uh-oh what's happened describe describe for me what the scenario is
00:09:15.440 like on the ground for the victim and I'll tell you from experience right so uh North York a
00:09:21.300 manufacturing company they're relatively large around 800 employees in total including obviously
00:09:26.520 the you know the factory workers and so on we get called on day two of the situation right so we get
00:09:32.340 called in when their existing provider
00:09:34.840 was essentially extorting them as well,
00:09:36.360 saying that, hey, if you don't sign this agreement,
00:09:38.460 we are not going to help you, right?
00:09:40.200 Those things happen.