Get ready Canada. The cybercriminals have you in their sights for 2019.
Despite our smaller market size, Canada had the third most cyber incidents in the world last year, according to a recent study. This year’s federal election is likely to attract more “bad actors” who will try to use misinformation to influence public opinion, warns the Canadian Centre for Cyber Security in its latest threat assessment.
Cybercrime against Canadian citizens and businesses, however, will be the biggest threat this year, the report says. “It is certain that Canadians will be affected by malicious online activity in the coming year,” said Scott Jones, head of the Cyber Security Centre.
Indeed, the Canadian Internet Registration Authority (CIRA) reports that 88 per cent of respondents to its security survey are worried about the prospect of future cyber attacks.
Reasons for Cyber insomnia in 2019
What is causing executives to lose sleep this year? “Cybercrime is evolving as criminals take advantage of growing online markets for illicit goods and services in order to maximize their profits,” says the Centre’s National Cyber Threat Assessment report. As well, it notes that criminals have increased the scale and sophistication of their activities to exploit technical vulnerabilities and human error.
By using specific social engineer techniques against businesses, cyber attacks have escalated from phishing to “whaling,” says the report. That’s when an executive with access to company resources gets a message that appears to be from a relevant employee, asking them to direct funds to an account controlled by criminals. This can lead to major financial losses and damage to reputations, the report notes.
It’s expected that threat actors will increase their efforts to exploit supply chain vulnerabilities in 2019. “Given the interdependent nature of many modern businesses, supply chain security is only as strong as its weakest link.” The idea is to identify vulnerable parties to gain access to the primary target through shared networks.
As well, the report anticipates that, with more and more devices connected to the Internet, cybercriminals will have new opportunities to use malware to generate or “mine” cryptocurrency.
The costs will be high
The survey by CIRA found that 66 per cent of businesses with 250 to 499 employees experienced a cyber attack in the last 12 months. At the same time, it estimates that 70 per cent of data breaches happen against companies with fewer than 100 employees.
Globally, the Ponemon Institute reports that the average cost of a breach last year was US$3.86 million, up by 6.4 percent from the prior year. It notes that Canada has among the highest costs from a breach, including items such as notifying victims and engaging forensic experts.
These trends raise concerns given CIRA’s findings about the preparedness of Canadian businesses. Its survey showed that 37 per cent of respondents didn’t have anti-malware protection and 71 per cent didn’t have a formal patching policy.
The threats are coming says the report by the Canadian Centre for Cyber Security, “but by knowing the threats, we hope that action can be taken to prevent, detect and respond.”
To get a free crash course on the cybersecurity trends for 2019 and how you can protect against them, register now for this February 6th webinar, sponsored by Trend Micro.