IoT Cybercrime Hotspot In Canada

Cyber criminals are shifting their attention from traditional computers to internet-connected devices in Canadian homes, says the government's cyber security agency.

In its threat assessment for 2018, the newly created Canadian Centre for Cyber Security says devices connected to the internet, such as a growing number of "televisions, home appliances, thermostats and cars", have become attractive targets.

"Manufacturers have rushed to connect more types of devices to the internet, often prioritising ease of use over security," the centre wrote in its report, made public Thursday 6th Dec.

"We regularly observe cyber threat actors exploiting security flaws in devices resulting in either disruption to device functionality or using devices as platforms to launch other malicious cyber activities."

Cybercriminals used thousands of devices connected to the internet, from baby monitors to air quality monitors and surveillance cameras, to launch a botnet attack in October 2016, the centre said.

"The botnet conducted a powerful Distributed Denial of Service (attack) that disrupted a major website domain manager, temporarily disabling some of the world's most popular e-commerce, entertainment and social media sites for millions of users."

Enterprising cybercriminals have even infected devices connected to the internet with malware to mine cryptocurrency, with the owner of the device often being oblivious to what is going on.

While cybercrime isn't new, the centre predicts cyber-attacks on Canadians are going to rise in number.

"Stealing personal and financial information is lucrative for cybercriminals and is very likely to increase."

The centre said it sees cyber-criminals becoming more organized and developing business-like processes.

Selling Stolen Information

"Cybercrime is now so prevalent and sophisticated that it sustains illegal online marketplaces," the centre wrote. "These cyber-crime marketplaces offer illicit goods, stolen information and malware. Some cybercrime marketplaces even offer customer support and rating functions."

Speaking to reporters as the centre's first report was made public, Scott Jones, head of the centre, said his organisation isn't trying to scare Canadians away from new technology. Instead, he said, the report is meant to help Canadians and Canadian companies avoid becoming victims of cyber criminals and state-controlled hackers.

With the next federal election set for 2019, the centre is also expecting other countries to use the web, botnets and troll farms to try to influence the opinions of Canadians and exploit political divisions or controversies.

"Although major web platforms are making efforts to curb the negative effects of manipulative information sharing, the opinions of Canadians will remain an attractive target for cyber threat actors seeking to influence Canada's democratic processes."

The centre cited a CBC News report that found Russia's Internet Research Agency used its trolls to comment on Canadian issues like the January 2017 Quebec City mosque shooting and asylum seekers crossing the border in the summer of 2017.

Jones said the centre plans to publish an update this spring on cyber threats to Canadian elections.

The centre said Canadian businesses will continue to be attractive targets for cybercrime — and their executives as well.

"Whaling occurs when an executive with authority to issue large payments receives a message appearing to come from a relevant department or employee, urging them to direct funds to an account controlled by a cyber threat actor."

Corporate espionage remains a threat, particularly for businesses in strategic sectors of the economy or those that have attractive intellectual property or commercially sensitive information. Companies with large databases are targeted by cyber crooks who try to extort businesses by revealing confidential client information.

Paying Cyber Ransom

"Some businesses decide that paying a ransom is cheaper than the costs associated with ignoring a cyber ransom. Yet cyber threat actors can decide to delete, modify or release information even if a payment is made."

The increased availability of cyber tools and the increasing interconnection of devices has also made it easier to launch attacks on Canada's critical infrastructure, the centre said.

"State-sponsored cyber threat actors have conducted cyber espionage against critical infrastructure networks in Canada and allied nations. In Canada, these threat actors have conducted reconnaissance and intelligence-gathering in the energy, aerospace and defence sectors."

Speaking with reporters, agency officials said those state-sponsored actors may have gathered enough information to disrupt critical infrastructure networks.
However, they said they believe other countries don't appear to be poised to do anything with that information, at least not yet.

"At this time, we assess it is very unlikely that state-sponsored cyber threat actors would intentionally seek to disrupt Canadian critical infrastructure and cause major damage in the absence of international hostilities," the centre said in its report.

While the centre was willing to talk about cyber security threats to Canada, Jones was tight-lipped when it came to questions about Chinese telecom giant Huawei and fears expressed by experts that it could take advantage of new 5G networks to spy on Canadians.

While Jones said government has given it a mandate to study security risks posed by the company and a deadline to report, Jones refused repeatedly to say when that report is due.

Jones also was reluctant to say whether the arrest of Huawei's chief financial officer Meng Wanzhou in Vancouver Saturday on behalf of the United States could prompt China to retaliate with cyber-attacks, or whether the centre has seen any increase in cyber-attacks since her arrest.

"We always have to be resilient, no matter what the possible trigger could be. So we increase our resilience against any form of malicious cyber activity that we could be facing as a nation."

CBC News:

You Might Also Read:

Security Flaws In Smart City Technology

« US Senator Calls For New Cyber Doctrine
Banks Lose Tens Of Millions Of Dollars In Hollywood-style Hacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

SABSACourses

SABSACourses

SABSA is a development process used for solving complex problems such as IT Operations, Risk Management, Compliance & Audit functions.

Teradata

Teradata

Teradata is a leading provider of enterprise big data analytics and services. Applications include Cyber Security Analytics.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

Intuity

Intuity

The Intuity suite of services provides companies with a complete awareness of their security status and helps them in an efficient, efficient and sustainable improvement process.

US-Africa Cybersecurity Group (USAFCG)

US-Africa Cybersecurity Group (USAFCG)

USAFCG provides cybersecurity consulting services and delivers training programs for capacity building in Africa.

Synamic Technologies

Synamic Technologies

Synamic Technologies was founded in 2018 as a start-up to automate cyber security processes. Our CISOSCOPE product automates vulnerability management, risk management and compliance.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

Yotta Infrastructure Solutions

Yotta Infrastructure Solutions

Yotta Infrastructure, a Hiranandani group company, provide Datacenter Colocation and Tech Services such as Cloud services, Network & Connectivity, IT Security and IT Management services.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.

Mindsprint

Mindsprint

Mindsprint (formerly Olam Technology and Business Services - OTBS) are a leading edge technology and business services firm.

Verinext

Verinext

Verinext delivers transformative business technology, from intelligently automating time-consuming tasks and protecting data assets to securing infrastructure and improving customer experiences.

Nexer

Nexer

Nexer is a modern tech company with expertise in strategy, technology and communication with a strong vision.

2021.AI

2021.AI

2021.AI serves the growing business need for full oversight and management of applied AI.

Aspiron Search

Aspiron Search

Aspiron Search is a niche-focused Cybersecurity search firm that works exclusively with venture-backed Cybersecurity firms.

RKON

RKON

RKON Technologies provides managed IT and cybersecurity services to organizations across various industries, helping businesses mitigate risks and secure their digital infrastructures.

Sansec Technology

Sansec Technology

Sansec Technology is dedicated to the research and development of cryptographic products and solutions for cyber security.