Campaign kick-off


The financial impact of cyber attacks is increasing. For example, the average monetary demand of a ransomware attack increased by 33% in the short duration between Q4 of 2019 and Q1 of 2020, up to an average of $148,700 CAD [1], and Canada currently loses $3.12 billion per year to cybercrime overall [2].

Cyber attacks are also increasing in frequency and sophistication. In many cases, the attacks are not perpetrated by individuals, but are complex, organized attacks orchestrated by highly successful cybercrime syndicates, some of which may be state sponsored. These threat actors will spend weeks or months planning the attack and gathering information about employees and companies.

Examples of cybercrime were all too common in the past year. From the Colonial Pipeline attack, which temporarily interrupted the supply of oil products on the East Coast of the United States, to the attack on JBS Foods that affected meat supplies in North America and Australia, attacks were rampant across critical infrastructure sectors and businesses.

Cyber security cannot be an afterthought. It is a vital component of daily business operations and risk management. It must be an integrated element of budgetary planning and emphasized in employee training.

Despite the increasing frequency of cyber attacks, there are ways to keep your organization safe. By participating in Cyber Security Awareness Month, you will learn more about what cyber security means, why it is important, and what steps you can take to help keep your information, and the information of your organization, safe.

Phishing, Smishing and Vishing

Phishing is the most common form of cybercrime. In Canada, 34% of people have knowingly received a phishing attack since the beginning of the pandemic, and many more may have received them without being aware of it [1].

It is vital that organizations and their employees understand what phishing is, how it is perpetrated, and how to defend against it.

What is phishing?

Phishing is malicious/fraudulent activity that attempts to obtain access to systems or sensitive information through email. A threat actor may attempt to steal your password or banking information by including a link in the email that directs you to a malicious site that they control. Alternatively, the threat actor may try to install malware on your computer through an infected link or attachment.

Phishing can also take the form of fraudulent phone calls (known as vishing) or SMS text messages (known as smishing).

How is phishing successful?

For a phishing attack to succeed, the recipient only needs to make one error. Opening one malicious attachment or clicking on a single dangerous link can give the threat actor access to your computer or to sensitive information. Once threat actors have gained access to your device, they can start to spread malware throughout an entire network or exfiltrate data from secure locations.

Threat actors continue to develop better phishing techniques. New variations of phishing attacks such as link-less phishing and spear phishing are becoming more common and are increasingly challenging to recognize. Link-less phishing is a style of phishing that directs you to a malicious website without asking you to click on a link. Spear phishing is a style of phishing that targets specific groups or individuals. It should be noted that spear phishing lures are more dangerous and effective than other phishing attacks.

How to defend against phishing?

The best way to catch phishing attempts is to have a healthy skepticism of unusual emails. As threat actors can mask the name of the sender as well as the email address itself, you should also pay attention to the content of the email. Threat actors try to instill a sense of urgency so that you react quickly, increasing your risk of making a small error such as clicking on a suspicious link. Be alert for signs of phishing such as typos, incorrect use of internal terminology, the tone of the email and its call to action.
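As an added example (not part of the campaign material), the Python below applies the indicators just described to a constructed message: a display name that shows a different address than the real sender, a Reply-To that points elsewhere, urgency language, and a call-to-action link whose host is outside the sender's domain. The sample messages, domains and word list are all assumptions made for the demonstration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
# Constructed sample messages (not from the original page): the first carries the
# indicators the text describes, the second is an ordinary internal e-mail.
SUSPECT_EMAIL = """\
From: "helpdesk@example-corp.com" <alerts@mail-verify.example.net>
Reply-To: collector@reply-inbox.example.org
Subject: URGENT: your account will be suspended in 24 hours

Your mailbox is over quota. Click https://login.example-corp-verify.net/login
immediately to verify your account or access will be removed today.
"""
CLEAN_EMAIL = """\
From: "Alex Chen" <alex.chen@example-corp.com>
Subject: Notes from this morning's meeting

Hi team, the notes are on the shared drive: https://docs.example-corp.com/notes
"""
# Words and phrases that pressure the reader into acting before thinking.
URGENCY_WORDS = ("urgent", "immediately", "suspended", "today", "verify your account")

def domain_of(addr):
    # Lower-cased domain part of an address, or '' if there is none.
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def phishing_indicators(raw):
    # Return human-readable warnings found in one raw message (headers + body).
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender_domain = domain_of(addr)
    findings = []
    # The display name is free text: a trusted-looking address can be shown there.
    shown = re.search(r"[\w.+-]+@[\w.-]+", name)
    if shown and domain_of(shown.group(0)) != sender_domain:
        findings.append("display name shows an address from another domain")
    # Replies go elsewhere if Reply-To does not match the sender.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != sender_domain:
        findings.append("Reply-To domain differs from the sender domain")
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    hits = [w for w in URGENCY_WORDS if w in text]
    if len(hits) >= 2:
        findings.append("urgency language: " + ", ".join(hits))
    # The call to action: flag every link host outside the sender's own domain.
    for host in re.findall(r"https?://([\w.-]+)", text):
        if host != sender_domain and not host.endswith("." + sender_domain):
            findings.append("link host " + host + " is outside the sender domain")
    return findings
```

Running `phishing_indicators(SUSPECT_EMAIL)` returns four warnings and `phishing_indicators(CLEAN_EMAIL)` returns none; a real mail filter would treat these as signals to weigh, not proof.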

If you suspect you have received a phishing email, do not open any links or attachments. Do not open the email itself, but flag the email as phishing. There are different methods of reporting, including alerting your email provider or your organization’s IT and cyber security team. If you have clicked on anything in the email, let your cyber security team know right away.

It is vital that each of us understands the role we play in keeping our work and home networks cyber secure. Through staying vigilant against phishing attacks, we help to protect ourselves and our organizations against cyber crimes.

Join us in participating in this week’s Cyber Security Awareness Month activities to learn more about phishing and how to stay cyber safe.

Login Credentials

Login credentials, such as usernames and passwords, are ubiquitous. We have login credentials for every digital aspect of our lives.

With each device and account requiring a unique password, it can be challenging to remember them all. As a result, many people reuse passwords or choose simple ones. While simplicity may make passwords easier to remember, this is a dangerous habit. In fact, it is estimated that 80% of successful breaches are due to compromised credentials [1].

How passwords are compromised

One common way that passwords and other login credentials are compromised is through a data breach. The threat actor hacks into a website and exfiltrates the login details of as many users as possible. Threat actors may then upload this information to the internet for other threat actors to purchase or access for free.

Credentials can also be compromised through a phishing attack that requests a password or login information. Once a threat actor has your login credentials, they can prevent you from gaining access to your own accounts. They may also use these login credentials to try and gain access to your other accounts.

In 2020, an attack on the Government of Canada’s GCKey affected thousands of Canadians. This attack occurred because threat actors obtained valid credentials (usernames and passwords) from unrelated data breaches.

Reusing passwords puts your information and access to services at risk. If a password is compromised, threat actors can access (or sell access to) your other accounts.

How to keep passwords and credentials safe

Protect yourself by taking steps to keep your credentials and accounts safe:

  1. Use strong passwords and make them unique – avoid re-use.
  2. Use multi-factor authentication.
  3. Be suspicious of unsolicited phone calls, text or email messages from individuals or institutions asking for personal or business-related information.
  4. Keep social media accounts private and only accept requests from people you know. Information you post online can reveal answers to personal account security questions.

Your passwords and credentials are critical to the security of your information and access to services. Protecting these assets with good cyber security practices creates a strong defence against cyber attacks.

Complete this week’s Cyber Security Awareness Month activities to learn more about why strong passwords are important and how to stay cyber safe.

Cyber Hygiene

It may sound odd to connect the word hygiene with technology. However, having good cyber hygiene is a vital part of keeping your devices and your network secure.

What is cyber hygiene?

Cyber hygiene refers to the habits associated with cyber security. Much like physical hygiene improves the resilience of your immune system against germs, cyber hygiene improves the resilience of your devices, networks or systems against cyber attacks.

Why is it important?

Cyber attacks are becoming increasingly common. While it is not always possible to stop threat actors from launching cyber attacks, it is possible to defend against them. Small behavioural changes related to good cyber hygiene become habits that will strengthen your cyber resilience.

Cyber hygiene habits

Here are some examples of cyber hygiene habits:

  1. Use strong passwords for all accounts, and don’t re-use them between accounts.
  2. Keep the software and hardware on all devices up to date.
  3. Never use public or unsecured Wi-Fi networks.
  4. Disable the camera and location services of all devices when not in use.

It is important that you cultivate these habits on all your devices. Mobile phones and internet-enabled (IoT) devices, such as smart speakers or doorbells, provide unique opportunities for threat actors to gain access to the rest of your network.

Information classification

A key area of cyber hygiene is information classification. Information classification and labelling of information ensures that documents with sensitive information are handled appropriately. For example, some information must be encrypted or can only be viewed by authorized individuals or groups. Take the time to read your organization’s policy to understand how to classify documents appropriately.

The COVID-19 pandemic has highlighted the importance of properly washing our hands. Take the time this week to learn about the importance of cyber hygiene.

Join us in completing this week’s Cyber Security Awareness Month activities to learn more about cyber hygiene and how to stay cyber safe.

How a cyber attack comes together

There are many different types of cyber attacks. While each type of cyber attack affects your network differently, they are all threats that attempt to exploit vulnerabilities in your network.

How a threat actor gains access

A threat actor can gain access to your accounts and devices through compromised credentials obtained in a phishing attack, or by obtaining them from another threat actor who acquired them in a previous attack. Threat actors can also use phishing attacks to install malicious software (also called malware) on your device. A threat actor can then execute harmful actions without you knowing.

Different types of cyber attacks

There are many different types of cyber attacks, but these are two common ones:

Ransomware is a type of malware that makes data inaccessible. Typically, a threat actor will install malware on your device that can sit undetected for months, quietly monitoring an entire network, before a larger attack happens. During this attack, the threat actor will lock your devices, encrypt their files, or do both. The threat actor will then demand a payment in order for you to regain access to your files. This payment is typically requested in cryptocurrency.

Denial of service (DoS) attacks occur when a threat actor attempts to overwhelm a system so that it no longer functions. For example, most websites have a limited capacity, known as bandwidth, which DoS attacks exploit by sending massive amounts of traffic to the website so that its service is temporarily or permanently disrupted. The website may slow down or completely cease to function.

What is the dark web?

The dark web is a part of the internet that is encrypted and inaccessible via regular web browsers. Specific software is required to access the dark web and all traffic is anonymous. Anonymization makes it highly attractive to threat actors looking for opportunities to commit cyber attacks.

Defence in depth

It is important to practice good cyber hygiene. Some examples include creating strong passwords, avoiding password re-use, being vigilant about phishing emails, using a Virtual Private Network (VPN), and enabling or installing firewalls on your devices. To further strengthen your cyber security posture, adopt a multi-layered approach to your cyber security measures, also known as defence in depth. Defence in depth requires numerous forms of security features that act as layers of defence against threat actors. These security features can range from building security, to intrusion prevention systems on the network, to risk management policies, and must all work together to prevent access to data. If one layer were to fail, defence in depth security ensures that other security measures will compensate, thereby protecting you, your device, and your organization more effectively.

Join us this week to learn even more about how a cyber attack comes together, and how to defend against these attacks.