Solving Canada’s security holes with the Malware Map of Canada

January 31, 20184 Minute Read

It’s no secret that 2017 has been a pretty rough year for cyber defence specialists everywhere. During the first half of the year, more data was breached than in all of 2016 combined—and breaches aren’t the only type of attack affecting the business world today. From malicious ransomware to viruses designed to brick entire machines, cybersecurity threats to businesses everywhere are growing.

See for yourself: If you look at the most recent Malware Map of Canada, the dangers aren’t remotely evenly distributed. From password encryption to printer security, the map highlights some scary vulnerabilities—and it’s time for businesses to get their cybersecurity in check. Know the threats, and you’ll be able to protect your business from the worst of what’s out there. And unless you’ve been living under a rock, you know that means WannaCry-level breaches.

Navigate Canada’s malware hotspots

If you’ve never seen the map before, here’s some background info: It shows the distribution of cyber attacks throughout the country. From what we can see, a lot of it’s concentrated near major metropolitan areas. Predictable, yes, but the country’s largest cities were hit hardest.

Even though the overall number of malware attacks declined during the summer of 2017, the number of ransomware attacks spiked by a whopping 23 percent. It’s official: Ransomware is the most rapidly growing category of attack. But the reality is that most of these attacks were launched without any specific idea of where the target was located, and simply cluster near cities due to Canada’s highly concentrated population.

What have we learned from this? Malware activity generally doesn’t follow centres of population, it follows centres of information—and information is a big moneymaker. Thanks to the map, we can see that the most threatened cities tend to be Vancouver, Toronto, and, despite its relatively small size, Ottawa. The Canadian capital has carried a much higher-than-average rate of malware attacks over the past few months—980 percent higher than average, to be exact. If you’re wondering what that means, let us explain: The value of data can be completely unrelated to the net worth of the entity from which it was stolen.

Don’t panic, but you’re on your own

The Government of Canada is one of the most targeted recipients of cyber attacks in the world, which is a pretty big problem: It’s the first line of defence for the country’s larger business and civilian infrastructures. The Cyber Security Cooperation Program is still moving along, and it’ll continue to hand out grants to cybersecurity operators until 2019. But for the most part, Ottawa’s contribution right now is to focus on its own needs and build up its own capabilities.

That’s exactly how Canada is supposed to behave in the final years of its Cyber Security Strategy, which was created to bring the country’s cybersecurity infrastructure up to speed. Going forward, the Canadian federal and provincial governments will try to help boost the overall level of data privacy and security in business. But for now, even the country’s largest and most economically important corporations have been thrown to the wolves, and they’ll have to design a security regime essentially on their own.

Strike back at cyber attacks

It’s not glamourous, but it’s true: The most important security practices are the oldest, simplest, and most annoying to keep in place. That means you’ll need to make sure your software is updated with the latest security and stability patches, and, while you’re at it, enforce best practices on employees so they don’t undermine all your hard work. From wireless access points to USB ports, there are countless points of entry for attackers. If you want to kick your security up a notch, you’ll need defensive measures that span network security, device protection via dedicated printer security suites, and even physical alarm systems throughout the office itself.

One more measure: Have you tried collecting defensive intelligence? Try out some software that helps log and analyze network activity so your IT team is alerted to even harmless investigatory moves by potential attackers. If you start using more advanced techniques like honeypots—fake areas of the network designed to entice attackers and trigger internal alarms—it’s possible to build a profile of the attack types your business is most likely to suffer, and defend against them as strategically (and powerfully) as possible.

It’s all part of an ongoing war between criminal hackers and the manufacturers of office devices and services. Device manufacturers are actually winning most of the battles, patching the biggest vulnerabilities before they hit the world’s networks. But if you’re not keeping your installations up to date, you’re regularly undermining their efforts. So kick the lax security practices, and the world’s network and device security companies could win every battle.

Even if your company isn’t situated in one of the hotspots shown on the map, it’s important to stay as secure as possible. After all, it’s not just your business’s security that’s at stake—it’s the defensive abilities of the country at large.

Jasmine W. Gordon August 10, 2018 4 Minute Read

SMS phishing: The lazy hacker’s weapon of choice

Follow these mobile security strategies to prevent you and your employees from falling prey to the lazy hacker's game: SMS phishing.

Danny Bradbury August 9, 2018 3 Minute Read

Don’t fall prey to black-market printer supplies

Printer supplies like ink cartridges are more lucrative than you think—so much so that there's a black market for them. Here's what you need to know.

Rose de Fremery August 8, 2018 4 Minute Read

Outfox cybercriminals with these hacker prevention tips

Hacker prevention gets trickier every day, so protect your business by getting up to speed on the new malware infiltration methods hackers have devised.