Friday, November 20, 2020

Cyberthreats ... Target: Canada

COVID-19 Complicates the US-China Cyber Threat Landscape
Illustration by Catherine Putz
"We're facing two pandemics: obviously the one that we all live with every day in terms of our personal health. But then there's certainly a cybercrime pandemic out there."
"[The biggest difference between the 2020 report and the earlier 2018 report is] the intensity and level of sophistication [of the threats]."
"We're certainly not trying to scare people into going off grid by building a cabin in the woods. We're here to say: let's tackle this now ... before it's a threat that can become real in the future."
"A trend that continues is that the basics of cybersecurity continue to be the root of most compromises. We are not taking the basics seriously enough, and we're not doing basic things that need to be done for basic [cybersecurity] hygiene."
"Private information is being targeted, and it's being targeted extensively. We're seeing dossiers being created about us as individuals that are then being used to then further more cyber activity."
"We're seeing private information being a goal of every act and the commercial value to cybercriminals is high and increasing."
"You're seeing cyber threat actors who are able to benefit from what normally in previous years would have been purely in the domain of the state. They have tool sets that are extremely sophisticated."
Scott Jones, head, Communications Security Establishment Canadian Centre for Cyber Security

"The state-sponsored programs of China, Russia, Iran and North Korea pose the greatest strategic threats to Canada."
"State-sponsored cyber activity is generally the most sophisticated threat to Canadians and Canadian organizations."
"Online foreign influence campaigns are almost certainly ongoing and not limited to key political events like elections. Online foreign influence activities are a new normal, and adversaries seek to influence domestic events as well as impact international discourse related to current events."
"Adversaries use on-line influence campaigns to change civil discourse, policy-makers' choices, government relationships, and the reputation of politicians and countries both nationally and globally."
"[States may as well be attempting to] exacerbate existing friction [in societies or even] delegitimize the concept of democracy [should it be contrary to its ideological views]."
2020 edition, biennial report, Canadian Centre for Cyber Security
The Communications Security Establishment Canada (CSEC) complex is pictured in Ottawa. (Sean Kilpatrick/CP)
 
So there it is once again, with greater emphasis in 2020, that foreign threat actors whose purpose is to influence all facets of Canadian activities online have become the 'new normal' representing hackers sponsored by China, Russia, Iran and North Korea, becoming the biggest cyber threats Canada faces, according to the country's cybersecurity agency with the release of the National Cyber Threat Assessment report, with the agency for the first time explicitly naming the countries posing the greatest cyber danger to Canadians.

From individuals to businesses and governments all manner of dangers are posed ranging from ransom ware attacks crippling IT entire systems, to intellectual property theft. There are large data breaches where troves of personal data are taken. There is an increasing risk of cyber threat actors attempting to attack 'critical infrastructure' within Canada, with a particular focus on electrical grids, even though the agency is of the opinion it remains 'very unlikely' there will be an active effort to disrupt, damage or take over critical infrastructure given Canada's lack of engagement in international hostilities.
 
Despite these warnings, the head of the Communications Security Establishment's Centre for Cyber Security laments the fact that many people and organizations fail to take these very real threats as seriously as they should. Not seriously enough, for example to take positive steps in implementing basic cybersecurity measures in protection of their data and systems, as for example, two-factor authentication. 

Sergei Konkov, Getty Images
The increasing interference by foreign actors in American elections and online political discourse has been well documented for years, still Canadians are themselves not immune from these threatening forces. Canadians, in point of fact, should be wary of the fact that foreign efforts in influencing the nation's discourse has become the 'new normal', the report warns. Canadians' personal information, either through direct contact scams like phishing emails or text messages or by targeting companies with large troves of sensitive data are increasingly being targeted by cyber criminals.

The very issue that under COVID, more Canadians than ever before are now working from home, relying on an increasing number of Internet services is responsible for creating more vulnerabilities for hackers and cyber fraudsters to exploit, notes the report. Larger organizations are also being targeted increasingly by cyber criminals, since the growing 'illegal market for cyber tools and services' makes it easier and more affordable to proceed. 
 
In the few months between the fourth quarter of 2019 and the first quarter of 2020, the report notes, the average ransom demand leaped 33 percent to roughly $148,700.


Labels: ,

Follow @rheytah Tweet