Canada Considers Mandatory Reporting Of Cyber Attacks

Canada’s Public Safety Minister Marco Mendicino has said recently that the federal government is looking into requiring Canadian businesses and companies to report cyber attacks. “We are considering very carefully, this is an option,” Mendicino told members of the Public Security and National Security Council.

Mendicino also warns of increased risk of cyber attacks from Russia and others amid a global threat environment that continues to shake the foundations of the post-second World War international order. 

Canada’s public safety minister says the federal government is weighing introducing mandatory incident reporting for cyber crimes to better understand their prevalence domestically and how to prevent them going forward. Speaking to the House of Commons Public Safety and National Security committee about Canada’s security posture in relation to Russia, Mendicino said the government is on “high alert” for cybercrime activity.

“I cannot emphasise enough how important it is that in the current geopolitical environment within which we find ourselves that we are very much on high alert for potential attacks from hostile state actors like Russia, which could manifest through cyber attacks, through ransomware, which look to identify potentially valuable targets to Canadian interests, like critical infrastructure,” he said.

Asked by NDP MP Alistair MacGregor whether Ottawa is considering making it mandatory for all sectors, the minister said “I absolutely think it's something that we need to be considering, for sure, yeah, it's an option that we're considering very carefully.” MacGregor said the committee has heard from some witnesses who have called for mandatory incident reporting. "Sometimes businesses are loath to report that they have been held hostage by ransomware," MacGregor told Mendicino. "They find it's easier to pay off the person, not report it. Also, there can be a threat for further damages if they do in fact report to the authorities.

Mendicino warned MPs on the committee that the current international situation has increased the threat of cyber attacks on Canadian businesses, organisations and diverse levels of government.

"I cannot emphasise enough how important it is that in the current geopolitical environment ... we are very much on high alert for potential attacks from hostile state actors, like Russia," he said. The minister said those attacks "could manifest through cyber attacks, through ransomware, which look to identify potentially valuable targets to Canadian interests, like critical infrastructure, but equally to subnational targets, different orders of government and other sectors of the economy."

Since the government created the Canadian Centre for Cyber Security, (CCCS) it has been sharing cyber threat information with owners and operators of Canadian critical infrastructure. The federal government also has created a special unit within the RCMP to coordinate police operations against cyber criminals. 

The CCCS has issued a number of bulletins warning Canadians of the potential for cyber attacks by Russian state-backed actors who may try to assault critical infrastructure, such as electricity systems.

In its National Threat Assessment 2020 report, which laid out its predictions for the next two years, the centre said the number of bad actors is rising and they're getting more sophisticated. It warned of a potential increase across Canada in cybercrime, ransomware attacks and commercial espionage, particularly against Canadian businesses, academic institutions and governments that may have proprietary information.

"Canadian organisations of all sizes, such as small and medium-sized enterprises, municipalities, universities and critical infrastructure providers, face a growing number of cyber threats," the centre wrote in its report. "These organisations control a range of assets that are of interest to cyber threat actors, including intellectual property, financial information and payment systems, data about customers, partners and suppliers and industrial plants and machinery." 

The value of ransomware payments is also on the rise, the CCCS warned. "Ransomware researchers estimate that the average ransom demand increased by 33 per cent since Q4 2019 to approximately $148,700 CAD in Q1 2020 due to the impact of targeted ransomware operations... At the more extreme end of the spectrum are multi-million dollar ransom events, which have become increasingly common," said the report.

Groups like the Canadian Federation of Independent Business (CFIB) say the government should focus on providing information and improving police services to victims, instead of making reporting mandatory. "Forcing them to do it will not result in fewer attacks, it will mean more work and red tape for businesses. Some of them don't want to report cyberattacks, fearing their additional consequences." commented Jasmin Guénette, vice-president of national affairs for the CFIB.

In contrast, at least one Canadian cyber security expert thinks that Canadian organisations should report cyber incident breaches to a federal authority to develop nation-wide threat intelligence. “Canada absolutely needs mandatory full incident reporting,” said Brett Callow, a threat analyst for Emsisoft.

CBC:     ICLG:      CTV:    Global News:      IT World Canada:     ProIQRA

You Might Also Read: 

The Cyber Security Top Ten Power List:

 

« Channel 4 TV Launches New Cyber Thriller
Cyber Security Training For Employees & Employers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Rubicon Workflow Solutions

Rubicon Workflow Solutions

Rubicon is a leading provider of managed IT support and strategic services, specialising in creative and mixed platform environments.

KELA

KELA

KELA's powerful cybercrime intelligence platform uncovers and neutralizes the most relevant cybersecurity threats coming from the hardest-to-reach places on the internet.

Odix

Odix

Odix security software neutralizes file embedded targeted cyber attacks before they enter your organization’s network.

Aviva

Aviva

Aviva provides Cyber Liability cover for small to mid-market customers to help combat the threat of data and privacy breach.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

TM One

TM One

TM One is the enterprise and public sector business solutions arm of Telekom Malaysia Berhad (TM) Group.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

SynSaber

SynSaber

SynSaber is a data collection, detection, and visibility solution that forms the foundation of industrial cybersecurity.

AutoRABIT

AutoRABIT

AutoRABIT provides DevSecOps tools built specifically for Salesforce developers to increase release velocity, produce consistently high-quality code, and enhance data security.

Apura Cybersecurity Intelligence

Apura Cybersecurity Intelligence

Apura is a Brazilian company that develops advanced products and provides specialized services in information security and cyber defense.

Cyber News Live (CNL)

Cyber News Live (CNL)

Cyber News Live provide vital information and raise awareness about all things 'cyber' to ensure you stay protected in the digital world.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

Cysmo Cyber Risk

Cysmo Cyber Risk

Cysmo is an innovative cyber risk assessment platform specifically designed for the needs of the German insurance industry.

Lenze

Lenze

Lenze are an experienced partner for automation systems, digitalization and cyber security.

Prowler

Prowler

Prowler is at the forefront of the Open Cloud Security movement, championing a new era of transparency, customizability, and community-driven security for cloud environments.