Advertisement

Ransomware attacks becoming common, more sophisticated in Canada: agency

Click to play video: 'Indigo won’t pay ransom to hackers, says stolen employee data may appear on ‘dark web’ this week'
Indigo won’t pay ransom to hackers, says stolen employee data may appear on ‘dark web’ this week
WATCH: Indigo won’t pay ransom to hackers, says stolen employee data may appear on ‘dark web’ this week – Mar 1, 2023

The head of the Canadian Centre for Cyber Security says ransomware attacks are getting more common and sophisticated, but there’s a lot the country could do to better defend itself.

“The threat is real, the threat is growing and we can’t talk enough about it,” said Sami Khoury, whose organization is aimed at providing the federal government with information technology security and foreign signals intelligence.

While ransomware attackers used to break into systems and take control, Khoury has now noticed many have changed their methods.

Instead of weaseling their way into systems and requesting cash just to give back control, Khoury’s found many attackers are now focused on stealing data and other sensitive information they can threaten to release or sell.

“They recognize that over time companies have become a little bit more sophisticated about having backups, so even if they lock the information technology, they can recover it from a backup,” he said.

Story continues below advertisement

“What they’re going after now is information.”

Such incidents have become so common that Khoury considers cybercrime, including ransomware, the No. 1 cybersecurity threat facing the country.

Click to play video: 'Ransomware attack delays Toronto’s SickKids lab results, systems could be offline for weeks'
Ransomware attack delays Toronto’s SickKids lab results, systems could be offline for weeks

Book retailer Indigo, grocer Sobeys, oil and gas producer Suncor Energy Inc. and Toronto’s Hospital for Sick Children have all been victims of ransomware attacks over the last year.

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.

Get daily National news

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

Khoury counts about 305 reports of ransomware to the Canadian Centre for Cyber Security last year, up from about 295 the year before.

“But I can assure you the real number is nowhere near that,” Khoury said.

“The real number might be closer to add a zero maybe to it.”

The true number of attacks is likely much higher because he’s realized many organizations are too embarrassed to report they’ve been impacted by cybercrimes.

Story continues below advertisement

Khoury argues reporting is essential. The more incidents the Canadian Centre for Cyber Security knows about the more specific it can tailor its advice and guidance and the more information it can glean about who might be behind an attack, so they can be stopped.

He also urges organizations to better protect themselves against cyberattacks by using stronger, differing passwords, setting up multi-factor authentication on accounts and educating themselves about security risks.

These steps, he said, are key to fighting not just cybercrime, but also attacks on critical infrastructure, risks focused by nation states threatening Canada and rampant misinformation.

Each have grown in importance over the last year as geopolitical unrest grows and key infrastructure like pipelines are increasingly targeted.

Click to play video: 'Feds introduce act requiring businesses to report ransomware attacks or face penalties'
Feds introduce act requiring businesses to report ransomware attacks or face penalties

Koury’s centre, which is part of the federal Communications Security Establishment, urged Canadians in February “to be vigilant and prepared” for potential malicious online activity following the one-year anniversary of Russia’s invasion of Ukraine.

Story continues below advertisement

In May, it warned of “a significant threat” from a state-sponsored perpetrator associated with China that “takes advantage of built-in network administration tools to move through systems, so any action can look like normal activity.”

It has also watched the government pull music-based app TikTok from federal devices because its parent company ByteDance is based in China, where laws allow the country to demand access to user data.

Asked if he would recommend the country to take further action on TikTok, Khoury said he would defer to the government, but indicated the public has a role to play.

“We invite all Canadians to look at the settings on their phone and look at what applications are asking for what access and make a personal judgment call,” he said.

Despite the influx of threats and the number of security issues capturing public attention these days, Khoury said Canadians shouldn’t feel pessimistic about the fight against cyberattackers.

“We can absolutely make a difference. I don’t want to leave you with a feeling of hopelessness,” he said.

“There’s a lot of good tools, a lot of good advice…and if something small happens on a network and you can call us and we will help you diagnose it.”

Sponsored content

AdChoices