Canada’s leading cybersecurity agency has again warned IT managers, corporate leaders and residents of the risks of not being prepared for cybercrime.
In what it calls a Baseline Cyber Threat Assessment on Cybercrime, the Canadian Centre for Cyber Security said today that cybercrime “will very likely pose a threat to Canada’s national security and economic prosperity over the next two years,” with ransomware “almost certainly the most disruptive form of cybercrime facing Canada.”
Fraud and scams will be the most common form of cybercrime that Canadians will see over the next two years, the report says, as cybercriminals attempt to steal personal, financial, and corporate information online.
That conclusion is identical to that in the biannual National Cyber Threat Assessment released last October, which said cybercrime “continues to be the cyber threat activity most likely to affect Canadians and Canadian organizations. Due to its impact on an organization’s ability to function, ransomware is almost certainly the most disruptive form of cybercrime facing Canadians.”
While the more detailed National Cyber Threat Assessment deals with all types of cyber threats, including those from nation-states, this latest baseline report is strictly about cybercrime.
Still, it brings in the role of other countries, declaring that “Russia and, to a lesser extent, Iran, very likely act as cybercrime safe havens from which cybercriminals based within their borders can operate against Western targets. We assess that Russian intelligence services and law enforcement almost certainly maintain relationships with cybercriminals and allow them to operate with near impunity. They do so as long as cybercriminals focus their attacks against targets outside of the Commonwealth of Independent States (CIS). The CIS currently consists of Russia, Belarus, Moldova, Armenia, Azerbaijan, Kyrgyzstan, Kazakhstan, Tajikistan, and Uzbekistan.”
The baseline cybercrime report may be of particular interest to non-technical readers such as corporate managers, in that includes a brief history of cybercrime, and definitions of phishing, trojans, botnets, exploit tools and more.
It also reminds small and medium-sized businesses that they, too, are in the cross-hairs of cybercrooks who may target them in hopes of avoiding high-profile attacks that attract the attention of police and politicians.
It also reminds organizations that while business email compromise — a category of attacks where a crook by email persuades an employee to change the bank account where regular payments go to one controlled by the scammer — is very likely more common and costlier than ransomware to victims, ransomware is almost certainly the main cybercrime threat to the integrity of the IT systems of the nation’s critical infrastructure. And critical infrastructure basically includes every organization outside retail.
The report also reminds readers that ransomware gangs spread their attacks widely rather than focus on a few sectors. Last year, the biggest target in Canada was the manufacturing sector, accounting for 18 per cent of attacks, followed by business and professional services firms (14 per cent).
Ransomware gangs want to extort money, steal intellectual property and proprietary business information, and obtain personal data about customers, the report notes.
It notes that cybercriminals are likely to continue compromising managed service providers (MSPs) – companies that host and manage customers’ IT resources. And it reminds readers that internet-connected operational technology (OT) systems that run factories, energy pipelines, and farm systems, are also possible targets.
“So long as cybercriminals can extract financial profit from Canadian victims, they will almost certainly continue to mount campaigns against Canadian organizations and individuals,” the report concludes. “Moreover, cybercriminals continue to show resilience and an ability to innovate their business model to remain profitable.”
As cybercrime activity continues to rise, Canadians must take the necessary measures to mitigate the risks, Sami Khoury, the head of the Cyber Centre, said in a statement. “The good news is that even the most basic cyber security measures can help prevent cyber incidents. We encourage Canadians and Canadian organizations to engage with us to obtain trusted advice and guidance on cyber security. Collaboration at all levels is key as we work to minimize the impacts of cybercrime in Canada.”
The Cyber Centre advises both the federal government and businesses on cybersecurity. It’s a branch of the Communications Security Establishment (CSE), which is responsible for securing federal IT networks and communications. The CSE is part of the Department of National Defence.
Want guidance on how to fight cybercrime? The Cyber Centre has this site where IT pros can search for particular advice.
For starters, there are reports on foundational cyber security actions for small organizations, security considerations for websites, and how to prevent and recover from ransomware. There’s also a ransomware playbook for defenders.