Concerns growing over spike in cybersecurity incidents in Canada
Posted January 12, 2023 1:55 pm.
Last Updated January 12, 2023 2:18 pm.
Concern is growing over cybersecurity attacks with many businesses and government organizations targeted in recent weeks, including SickKids hospital and more recently, the LCBO.
The head of engineering for cybersecurity firm Check Point Canada, Robert Falzon, said it’s resulting in millions of dollars in losses. “It’s getting more attention because of the nature of them and how frightening some of them truly are actually.”
Statistics Canada says that Canadian businesses that were impacted by cybersecurity attacks spent over $600 million to recover from the incidents in 2021. Numbers for 2022 have not been released at this point.
“We’ve seen already at organizations in the past few years hit by cyber attacks where the loss of data was leaked. People are less likely wanting to do business with that organization because they fear they’re not taking the necessary precautions with their personal information,” said Falzon.
The most recent company reporting a cyber breach was the LCBO on Wednesday.
In a statement today, the LCBO says customers who provided personal information on check-out pages on its website and proceeded to its payment page between Jan. 5 and Jan. 10 may have had their information compromised.
It says that could include names, email and mailing addresses, and credit card information.
This particular incident comes after SickKids hospital experienced a ransomware attack in December forcing it to operate in what they call a “Code Grey.” Since then, the hospital said it had restored about 80 per cent of its priority systems.
“Healthcare is a challenge based on the fact that it’s such a critical infrastructure in the case of the attacks we saw last week at SickKids hospital. It really hits home because this is a family issue now,” explained Falzon.
He said cyber crimes have become easier to carry out due to AI applications like ChatGPT.
“This is enabling someone who knows virtually nothing about coding to ask an artificial intelligence engine to create a script to attack someone and it will actually generate script that is useable and can be deployed by someone with not enough knowledge as you would expect,” shared Falzon.
CEO of cybersecurity firm Cypher, Daniel Tobok, said another key reason cybersecurity attacks are on the rise is because many of those who are carrying them out are committing these crimes outside of the Canadian jurisdiction and can’t be brought to justice by local law enforcement or legislation.
“We have to create new legislation of how we’re going to deal with these particular threat actors where 98 per cent jurisdictional alliances operate outside our jurisdictional reach. We have to create global alliances with law enforcement and governments,” said Tobok.
Tobok add these companies should be investing in encryption software as well.
“We got a start encrypting data on our servers, the organizations that actually are holding citizen data have to come up with a plan so that the data that they hold that resides on their servers is actually encrypted and safeguarded.”
In terms of prevention, Falzon said education is key and be sure that firmware and software are all up to date.
Experts say larger companies should consider switching from a detection to a prevention strategy, helping get companies ahead of these ever-changing crimes.