Canada’s critical infrastructure an ‘almost certain’ target for cybercrime

Canadians are increasingly targets of ransomware attacks, with organized cybercrime activity posing a threat to national security, economy and critical infrastructure, officials are warning.

The Canadian Centre for Cyber Security released a report Monday, saying that over the next two years, “financially-motivated cybercriminals will almost certainly continue to target high-value organizations in critical infrastructure sectors in Canada and around the world.”

In particular, the agency categorized ransomware — in which digital files are held hostage or encrypted until a fee is paid — as the “most disruptive” form of cybercrime facing Canada.

1:24 RCMP encourages reports of cybercrime, says any case could be ‘missing piece’ to international puzzle

“Ransomware has become one of the most devastating types of cybercrime, impacting individuals, businesses, and government agencies,” the report said.

“Over the next two years, we assess that cybercrime activity in Canada will very likely increase.”

The warnings come amid a year that has seen dozens of high-profile cyberattacks and ransomware targeting major businesses, healthcare networks, law enforcement and governments around the world.

0:40 Indigo won’t pay ransom to hackers, says stolen employee data may appear on ‘dark web’ this week

Among all the ransomware incidents in Canada, the top sectors targeted in 2022 were manufacturing, businesses and professional services, information and communication technology, retail and consumer goods, and healthcare and pharmaceuticals.

Meanwhile, the top ransomware variants included LockBit, Conti, BlackCat/ALPHV, Black Basta and Karakurt.

The report assessed Russia, and to a lesser degree Iran, as likely “safe havens” for cybercriminals operating against Western targets.

“We assess that Russian intelligence services and law enforcement almost certainly maintain relationships with cybercriminals and allow them to operate with near impunity,” the centre said.

1:27 Russia, Iran ‘very likely’ act as cybercrime safe havens boosting foreign attacks on Canada: officials

Canadian retailers and institutions have been among those hit in a wave of recent ransomware attacks.

Book retailer Indigo, grocer Sobeys, oil and gas producer Suncor Energy Inc., and Toronto’s Hospital for Sick Children have all been victims of ransomware attacks over the last year.

Cybersecurity officials are warning that more incidents could occur in the future and will “jeopardize national security, public and environmental safety, and the economy.”

2:04 ‘Notable rise’ in Russia-backed cyberattacks against Canada: CSE

According to the RCMP, there were 454 ransomware attacks with a Canadian link and more than $530 million in financial losses were reported to the Canadian Anti-Fraud Centre for various types of cybercrime and fraud last year.

But only five to 10 per cent of cybercrime victims actually report to law enforcement, said Chris Lynam, director general of the National Cybercrime Coordination Centre (NC3) and Canadian Anti-Fraud Centre within the RCMP.

“Every part of Canadian society has got to really take this seriously,” he said during a virtual briefing on Monday.

Given how serious the threats are, officials urged Canadians to take preventative measures to protect themselves and report any incidents.

1:32 At least $530M lost to cybercrime in Canada in 2022, RCMP says

Sami Khoury, head of the Canadian Centre for Cyber Security, said collaboration with provinces and international partners is key to curbing cyberattacks.

“The good news is that most cyber incidents can be prevented by basic cybersecurity measures,” added Khoury.

The Cyber Centre’s website offers advice and guidance to protect Canadian individuals and businesses from various online threats.

10:30 How Russian cyber criminals are targeting Canadians, oil and gas sector

The federal government introduced controversial legislation in spring 2022 that would compel critical infrastructure operators in five key sectors to comply with sweeping government orders to take actions to protect their cybersecurity.

But the bill has languished for a year and a half with no clear timeline for when the government will push to move it forward following concerns that it would enforce a “high degree of secrecy.”

According to a recent Statistics Canada report, cases of fraud, including identity theft, nearly doubled last year compared to a decade ago and was up four per cent from 2021.

Relatively high proportions of fraud and extortion are reported as cybercrimes, StatCan said.

— with files from The Canadian Press