For as long as there has been an internet, there has been cybercrime. Over the past three decades, the two have been playing a long-standing cat-and-mouse game, growing more sophisticated with every attack-defense loop.
In recent years, the COVID-19 pandemic sent this cycle into overdrive as remote work led to the swift adoption of digital technology – and consequently, surging cybercrime. In the first half of 2021 alone, the Government of Canada’s Communications Security Establishment (CSE) recorded a 151 per cent increase in global ransomware attacks, compared to 2020, while CyberEdge Group’s Cyberthreat Defence Report found that a staggering 85 per cent of Canadian businesses experienced at least one successful cyberattack in 2021, up nearly 8 per cent year over year and putting Canada in the Top 10 globally.
The modern cyber-threat actor is enabled by a supply chain ecosystem that jeopardizes personal, economic and national security. According to a recent report, “The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back,” as innovations such as AI and quantum computing become more accessible to criminal groups and nation states, these dangers will only compound and grow exponentially.
The government tabled Bill C-26 to ensure industry keeps up with this ever-progressing danger; however, the gears of government are simply turning too slowly for most Canadian companies. With the possibility of cyber-attack increasingly becoming ‘when’ not ‘if,’ Canadian organizations must master security basics, plan for the worst, and encourage collaboration across industries to properly prepare for more sophisticated cybersecurity threats.
The advancement of cybercrime
Once the domain of hobbyists, cybercrime has grown into a specialized criminal pipeline. With the introduction of commoditized malware kits in the 2000s, bad actors of all skill levels can engage in nefarious digital exploits, such as bank fraud, enabling skilled individuals to take advantage of vulnerabilities in emerging technology. More recently, these actors have pivoted to data denial and destructive attacks, embracing ransomware and leveraging “as a service” models for financial benefit.
Today, the ability to exploit network access is rapidly expanding, lowering prices and barriers to entry. In fact, a recent analysis of underground markets revealed that compromised remote desktop protocol (RDP) credentials sell for just $6.50 each, while nearly all advertisements relating to exploits claim they are available for under $10. Moreover, the analysis concluded that merely 2-3% of sellers are coders, reducing cybercrime to a series of accessible, replicable procedural measures.
Peering towards a digital future
Where does cybercrime go from here? In the foreseeable future, hackers will continue to take advantage of the rapid expansion of corporate attack surfaces, conceivably raising the stakes with extortion schemes timed for maximal disruption.
Emerging technology will also play a role. Quantum computing could be deployed to boost decryption efforts. The Web3 vision of a decentralized, blockchain-based internet may make it easier to evade authorities. And artificial intelligence could be used to automate the selection of targets from a victim’s address book and build highly convincing spear-phishing attacks based on previous communications, helping to improve ROI.
As cybercrime grows in sophistication and scale, so too must the vigilance in its prevention.
Fighting the growing cybercrime machine
We all must play a more active role in combating the rise of cybercrime. For Canadian organizations, this means following a three-part action plan: mastering the basics, planning for resilience, and collaborating to reduce risk.
Mastering the basics entails following best practices such as multi-factor authentication, IT asset discovery and management, vulnerability management, and controls to restrict what can be installed on company property. Moreover, it means prioritizing self-healing hardware to boost resilience in the event of a breach. In addition, organizations must shut off common attack routes, such as email and the web, which could be neutralized through techniques such as threat containment and isolation.
Planning for resilience means preparing for the worst-case scenario, putting the processes in place to limit supply chain and insider risk, and practicing incident response repeatedly to detect, prevent, and recover from any attack before it gets serious.
Finally, organizations should collaborate with peers, invest in third-party security assessments and penetration testing, and gather and share threat intelligence with industry peers for a better overall understanding of the current and future landscape.
With our digital world becoming further interconnected by the minute, Canadian organizations would do well to future-proof their business by prioritizing building greater cyber resistance. The World Economic Forum has identified cybercrime as one of the greatest risks facing the world in the coming decade. If vigilant, Canadian organizations can implement effective strategies to take on and defend against the current and future scourge of cybercrime.