The growing number of software vulnerabilities has left Canadian corporations prone to cyber attacks according to a memo from Public Safety Canada.
The scale of the threat is “significant” and the cost of keeping corporate networks secure is very high that the federal agency is worried business might not be willing to make the needed investment to protect themselves against hackers and sophisticated attacks, according to the document, the Canadian Broadcasting Corporation reported.
However lack of coordination and reporting between government agencies and other stakeholders appears to hamper any preventive measures.
While the federal government has committed to protecting critical infrastructure from cyber attacks, the Auditor General of Canada reported last fall that the federal government has been slow to build partnerships and coordinate with will various stakeholders.
For example, the CBC said, records show that a federal agency issued a warning that hackers were targeting critical infrastructure six months before a security breach occurred at energy technology firm Telvent Canada.
Documents obtained through Access to Information request show that the Canadian Cyber Incident Response Centre sent out four alerts to critical infrastructures and related industries on March 30, 2011 and on May before the attack.
However Telvent said it never received the alert because it is a vendor that builds systems for energy companies and not an infrastructure company. On September, 2012, Telvent announced it suffered a cyber attack which was later linked to Chinese military hackers.
The bot threat
Some of the most serious threats networks face today are "bots," remotely controlled robotic programs that strike in many different ways and deliver destructive payloads, self propagating to infect more and more systems and eventually forming a "botnet."