Thursday, May 26, 2022

Hackers are finding Canada: Report

We like to think that Canada is a country serious hackers aren’t interested in. But the latest figures from security vendor Trend Micro show we aren’t invisible to them.

Among the findings of its research collected in the first quarter, Canada was among the top countries that posted the highest number of point of sale RAM scraper infections. It placed seventh in the top 10 affected countries, with four per cent of the total number of infections.

Relative to other countries, four per cent isn’t big. But it does suggest attackers are figuring out that there are potentially lucrative targets north of the U.S.

Other figures show that Canada was in the top 10 countries affected by ransomware, sitting in ninth place with two per cent of all infections.

That’s part of a global increase in ransomware that started in the last quarter of 2014 and is continuing, the report notes. Also, crypto-ransomware — which encrypts files in network shares — jumped to account for nearly half of all ransomware infections and marked a four-fold increase in infections compared to the first quarter of 2014.

Perhaps most alarmingly, the numbers show Canada ranks ninth among the countries that posted the highest number of users who clicked malicious URLs in the first quarter of 2015.

“The three most notable threats for the first quarter aren’t new threats,” Christopher Budd, one of Trend Micro’s global threat communications managers, noted in a blog summarizing the overall results. “Bad ads, cryptoransomware and macro malware are all well-known threats from past years. But don’t let their age fool you: these threats have come back stronger and more malicious than ever. The prevalence and success of these threats shows again that innovation isn’t restricted to developing new threats in new arenas: it’s also in taking old threats and improving them to succeed against the security protections that once thwarted them.”

The report also warns about the sharp rise in macro malware. Although users have to enable macros on their software for the attack to work, the use of macros may be seen as an attempt by attackers to bypass traditional antimalware solutions, the report says.

Macros used in these threats are often obfuscated, allowing them to potentially pass through spam filters or scanners, which are better at detecting executable programs than macros. Macros that can be enabled using batch files are also difficult to detect. Sandboxing may not work due to the obfuscation or because users were already explicitly asked to agree to open the macro, unknowingly allowing malware to run in their system.

While Microsoft changed the way macros are implemented in Office documents it went from .DOC format to .DOCX, the report notes, macros are still executable.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.