An annual index ranking countries’ digital well-being shows Canada has work to do in shoring up its cybersecurity.
According to the report by the VPN service Surfshark, which was released earlier this month, Canada ranks 10th in breach count globally, with more than 207.4 million compromised accounts since 2004.
Surfshark’s annual Digital Quality of Life index ranks 121 countries on five core pillars – internet quality, internet affordability, e-infrastructure, e-government and e-security.
On e-security, Canada ranked 37th globally. This is the same ranking it got last year, but Canada has slipped 10 positions since the 2021 index. While concerns around e-security remain high in Canada, it outperformed both the United States (43rd) and Australia (41st) in this year’s rankings.
From government sites to large retailers, cyberattacks impact every corner of the country and our lives.
The index was released shortly before the Better Outcomes Registry and Network (BORN) in Ontario announced that around 3.4 million people who sought pregnancy care and advice in Ontario between January 2010 and May 2023 were affected by a cybersecurity breach.
BORN was made aware of the breach on May 31, after which it posted a public notice on its website and informed the Ontario Provincial Police and the Information and Privacy Commissioner of Ontario. On Monday, the agency gave more details about the kind of data that was leaked.
- Posters promoting ‘Steal From Loblaws Day’ are circulating. How did we get here?
- Canadian food banks are on the brink: ‘This is not a sustainable situation’
- Solar eclipse eye damage: More than 160 cases reported in Ontario, Quebec
- Video shows Ontario police sharing Trudeau’s location with protester, investigation launched
The statement said that during the breach, unauthorized copies of files containing the personal health information of approximately 3.4 million people were taken from BORN’s systems.
The statement said there was no evidence that any of the copied data was being misused. BORN is currently monitoring the internet, including the dark web.
Another parameter on which Canada performed poorly was internet affordability, ranking 51st in the world. Canadians have to work one hour and 17 minutes a month to afford fixed broadband internet. While this is less than the global average, this is four times more than the average Romanian, who has to work only 18 minutes a month to pay for internet service.
Phone internet availability is even worse, with Canadians having to work one hour, 50 minutes and 56 seconds to afford phone internet. This is seven times more than the average person in Luxemburg, who has to work 16 minutes a month to cover costs.
Canada, however, performed better on some of the other parameters of the report. Canada’s internet quality is 54 per cent higher than the global average. According to the report, fixed internet averages 228 megabits per second. This is only slightly behind Singapore, which has the world’s fastest fixed internet at 300 Mbps, and far ahead of Yemen, which has the slowest at 11 Mbps.
“Since last year, mobile internet speed in Canada has improved by 17 percent, while fixed broadband speed has grown by 21 percent. But compared to the United States, Canada’s mobile internet is 20 per cent slower, while fixed broadband is 8 per cent slower,” the report said.
Canada ranked 10th in e-infrastructure and 12th in e-government, which meant it was relatively easy to use the internet for various daily activities such as working, studying or shopping.
But with the convenience of e-infrastructure comes risk.
The BORN breach was the result of an international breach of file transfer software MOVEit. The MOVEit software, made by Massachusetts-based company Progress Software, allows organizations to transfer files and data between employees, departments and customers. BORN said it uses the software “to perform secure file transfers.”
Because of the file transfer, the hackers were able to copy certain files from one of BORN’s servers.
The health-care providers impacted ranged from midwifery practices and hospitals to fertility clinics and prenatal genetic screening labs. A full list is provided on the BORN website.
Experts said the breach could have been entirely prevented if more protective measures had been in place, such as stripping personal details like names, health-care numbers and addresses from the data.
— with files from Global’s Katie Dangerfield
Comments