Canadian cybersecurity companies are combatting a significant increase in attacks on companies, as the rapid shift to working from home has created vulnerabilities.
Daniel Tobok, chief executive officer of Toronto-based cybersecurity firm Cytelligence Inc., said he normally sees about 75 to 80 incidents a month. In each of March and April, that figure jumped to about 180.
“There’s been an alarming increase of cyberattacks and attempts,” said Mr. Tobok, noting the abrupt shift to remote work has removed many of the usual protocols and safeguards that would be present in an office environment.
“Bad guys have more targets to go after because people are working remotely, they’re much more relaxed, and they don’t have Jim in IT that they can just walk over to and ask a question," Mr. Tobok said.
Hospitals have been particularly at risk, as cybercriminals look to exploit stretched health care resources. The Canadian Internet Registration Authority, which manages the .ca domain, has seen a 39-per-cent increase in cyberthreats against health care clients using its network security platform over the past 30 days. And Interpol, the International Criminal Police Organization, has also noted a significant uptick in cyberattacks on hospitals worldwide.
Hackers are integrating COVID-19 themes into their attacks. For instance, cybercriminals engaged in phishing – a technique involving mass e-mails that entice recipients to click on malicious attachments or links – have increasingly been posing as public-health agencies, according to the Canadian Centre for Cyber Security. New Brunswick-based Beauceron Security has witnessed a 250-per-cent to 350-per-cent spike in attempted ransomware attacks, which occur when a hacker seizes a victim’s data and demands a ransom in exchange for releasing it, relating to the pandemic in recent weeks.
“Chaos is a perfect veil for cybercriminals," said Mark Sangster, vice-president and industry security strategist at eSentire Inc., a cybersecurity firm headquartered in Waterloo, Ont. “That smoke in the battlefield really hides what they’re up to. They look for things like this.”
While many companies have employed security measures, such as virtual private networks and identity verification, for their remote workers, experts say most have forgotten about a major vulnerability – an employee’s home WiFi connection. Many people’s WiFi passwords are easy to guess, and some are still using default administrator passwords for their home networks that can quickly be searched through Google or other engines, Mr. Tobok said. Gaining access this way – through someone’s home internet network – renders most corporate security measures useless.
“We all built very big walls. There’s guards at the front. There’s lots of fancy lights blinking. There’s signs saying, ‘Do not enter, we will shoot your foot.’ But everyone forgot that there are other doors in the back and everyone has the keys for them," Mr. Tobok said. “This has become a very big problem."
In addition to technical vulnerabilities, there are human ones, as well. The health crisis has put people into a heightened state of anxiety, making them more susceptible to phishing attempts and other types of attacks.
“Imagine you get a message that says, ‘You’ve been in contact with someone who has COVID-19. Click here to find out more,'" CIRA spokesperson Spencer Callaghan says. "The hackers are actually taking advantage of the heightened COVID-19 anxiety.”
CIRA has begun offering free malware protection, called CIRA Canadian Shield, in response, Mr. Callaghan added.
Health care institutions are particularly vulnerable because doctors and nurses working long hours under stressful conditions are less likely to validate an e-mail before clicking a link. Hospitals also tend to pay ransoms if all their patient files are seized by malicious actors, Mr. Sangster at eSentire says.
“They have patients they have to care for. … Sometimes you just simply don’t have a choice.”
Cybercriminals also tend to be unmoved by the impacts of their actions, Mr. Tobok said. He recently responded to a ransomware attack that completely shut down a factory that had pivoted to manufacturing masks and other protective gear in response to the pandemic.
“We reached out to the bad guys and we were like, ‘People are dying!’ And they’re like, ‘Okay, we’ll give you a 10-per-cent discount on our $700,000 ransom,’" Mr. Tobok said. “They just don’t care.”
Your time is valuable. Have the Top Business Headlines newsletter conveniently delivered to your inbox in the morning or evening. Sign up today.