Cybercriminals have focused on a lucrative tactic, holding digital files of crucial companies hostage until high fees are paid, often in hard-to-trace virtual currency.
Federal government says in the first six months of this year, more than half of Canadian ransomware victims were providers of critical infrastructure, including energy, healthcare and manufacturing .
Since March 2020, nearly a quarter of Canadian small businesses have suffered some sort of hostile cyber incident, according to federal officials.
The digital dilemma has prompted several cabinet ministers to advocate this week with Canadian organizations to take protective action.
Many breaches are simply attacks of opportunity, taking advantage of a network vulnerability, said Dwayne Robinson, global director of incident response at CyberClan, which provides security services to small and medium businesses.
“I would say few of these are true targeted and targeted attacks,” Robinson said during a recent webinar on ransomware in Canada.
Canadian spy agency targets foreign hackers to ‘impose a cost’ on cybercrime
There are some basic things businesses can do to dramatically improve their security, he said. “And it’s a little frustrating because we see the same thing over and over and over and over again.”
#GetCyberSafe with Marc Saltzman
The Canadian Center for Cyber Security, a federal agency, has developed detailed guidelines on preventing and protecting against a ransomware attack.
Main recommendations to protect against ransomware attacks:
Coaching – Provide security awareness training to employees to ensure they don’t click on phishing emails or open infected downloads.
Omicron variant may partially escape Pfizer vaccine protection: study
Waiting hours. No customer support. WestJet passenger expresses frustration after rerouting
Planning – Make a plan for how your organization will monitor, detect and respond to a ransomware attack. Test the response plan through exercises.
Cyber insurance – The average cost of recovering ransomware worldwide more than doubled last year to $ 2.3 million. Look at the policies and ask yourself if insurance would help.
Evaluation – Private specialists can assess an organization’s computer systems and recommend precautions against a ransomware attack.
Canadian health and energy sectors increasingly targeted by ransomware attacks
The federal government offers programs for operators of critical infrastructure in the areas of energy and utilities, finance, food, government, health, information and communication technologies , manufacturing, security, transportation and water.
Public Safety Canada, in collaboration with the Cyber Center, developed the Canadian Cyber Security Tool to provide critical infrastructure organizations with an easy way to assess their cybersecurity in under an hour.
It was first offered to healthcare organizations in the summer of 2020 and is now available for all critical infrastructure sectors. Public Security says it has conducted 132 assessments to date.
Cybersecurity: what to look for to stay safe
The ministry is also offering the Cyber Resilience Review in Canada, an on-site, survey-based exercise that can take up to a day and a half. Public Safety says 110 assessments have been completed in various critical infrastructure sectors since 2013.
Use security tools – Install anti-malware and anti-virus software on devices to detect suspicious activity and secure network with firewall. Use strong passwords, or passphrases, to fend off so-called “brute-force” attacks that scroll through endless password possibilities.
Update systems – Regularly use updates and patches to fix bugs and vulnerabilities in software, firmware and operating systems.
Segment networks – Dividing a network into several smaller segments can prevent ransomware from spreading throughout the network.
Respect the principle of “least privilege” – Give employees access only to the functions and privileges necessary to perform their duties.
Random tests – Have testers try to breach the security of a system with techniques that a hacker could use. The Bank of Canada, like many financial institutions, has a long-standing emphasis on protecting internal systems, including network penetration testing.
Data backups – It is essential for an organization to have copies of data and systems in the event of an incident. Make sure that backups are stored offline, as cybercriminals can infect backups if they are connected to networks.
“Make sure your organization has multiple backups stored offline and performs the backup process frequently, to ensure that the data is as close to real time as possible,” Cyber Center explains.
“Testing your backups is also a critical part of your backup and restore process. To provide an additional layer of protection, you must encrypt your backups. Having a secondary backup in the cloud is also a recommended approach to improve your recovery capacity.
© 2021 The Canadian Press