Search This Blog

Powered by Blogger.

Blog Archive

Labels

'Ransomware Year' May Be The Most Devastating Ever

The federal government is confident that its cyber security measures are adequate, but tactics are constantly being adapted.

 


In recent months, cyberattacks have been launched against Canada's largest children's hospital and a large-scale liquor board. It may be just the beginning of a year filled with major cyber and ransomware attacks on these private institutions. The reason behind this trend is that due to sanctions against Russia and the declining crypto markets, hackers have become more aggressive. In late December, Toronto’s Hospital for Sick Children was the victim of a ransomware attack that caused delays in lab results and the system to go down. 

It was reported in January that the Liquor Control Board of Ontario had been compromised by a piece of malicious code. This code was used by hackers to steal the data of Ontario customers. As David Shipley from Beauceron Security, a cybersecurity company, explained, many payments in the world of cybercrime are being facilitated through bitcoin and other cryptocurrencies. These currencies are used as payment instruments in the world of cybercrime. 

Throughout the past year, many crypto assets have experienced significant losses. Several of those losses were recovered through ransom attacks perpetrated by hackers as part of the effort. 

Their business model is that they make hundreds of millions, and perhaps billions of dollars, mainly through bitcoin. This is due to ransoms, which they facilitate mainly through bitcoin, Shipley explained. They have lost a lot of their wealth and they will have to work hard to recoup it. Shipley believes it is the most likely reason for upcoming investigations into future malicious attacks. Additionally, he warned that cybercrime can also be a lucrative way for people to earn money, particularly now that sanctions are being placed against Russia. The U.S. FBI's raid on a ransomware group called Hive may have had a positive effect on slowing down activity. Cybercrime however has an easy entry barrier and a great deal more criminals will be able to enter the market as a result of the low entry barrier. 

During a recent interview with the Canadian Centre for Cyber Security, Sami Khoury, head of the organization, said things seem to be getting comparatively more challenging as time passes. 

Some of the ransomware events have indeed grown in sophistication and number over the past few years. Additionally, it is becoming increasingly apparent that skills that were previously associated with nation-states are now being transferred to cyber criminals. Compared to the ransomware and phishing emails sent five years ago, the malicious email used by today's scammers is a different game altogether,  Khoury added.

Ransomware is the biggest threat to Canadians, according to a report released by the Cyber Center detailing threats. More than 400 healthcare organizations in the U.S. and Canada have been hit by ransomware attacks since March 2020. The researchers found that the majority of them were located in the United States. Their findings also indicated that Chinese, Russian, Iranian, and North Korean state actors were significant contributors. 

Keeping in mind that ransomware can be incredibly lucrative for criminals, Khoury believes it attracts them to attack any company that is constantly running. 

When it comes to ransomware, cybercriminals are indiscriminate, they do not have any scruples, and they believe they will be able to make the most profit by attacking organizations that can not afford an interruption to their day-to-day operations, he continued. 

Cyber-terrorism attacks are constantly evolving, so governments have to adjust their tactics to stay ahead of hackers. Khoury believes the Canadian federal government is adequately protected from cyber-terrorist attacks. 

The government is being targeted with ransomware attacks in an attempt to get complete control of the system. Fortunately, all the sensor technology deployed has allowed people to catch them at the earliest possible stages of their development. This has allowed everyone to hold them at every phase of their expansion. 

There have never been any payments made by the federal government to ransomware companies, according to Shirley Ivan, chief information security officer for the government of Canada. When she was asked how to change passwords and backup systems when they were threatened, she explained that the government had effective procedures in place. 

It is their policy that, in general, they do not pay ransomware for the damage it has caused. Therefore, it cannot be said that there has never been a payment made to us or our partner. However, their IT systems are some decades old, including those that handle large organizations like the Employment Insurance System, which, in some cases, dates back decades. COBOL is a programming language that has not been widely used in recent years but is used in the EI program. 

The programs Ivan is aware of are over a decade old, but he assures it is being updated and the system will remain stable until the updates are completed. 

The company indeed has some older systems, but there are programs in progress to modernize these systems. This will enable the company to continue to provide services to clients to the fullest extent of the company's abilities. Making sure that payment is made, that transactions are processed, and that there is a flow of funds. 

Shipley recognizes that the government and the cyber center do a great job maintaining the security and operation of government systems. Yet, he said, the situation in the country is similar to that of a medieval castle; all the people live outside the walls.   
Share it:

Cyber Attacks

Cybersecurity

FBI

Ontario

Ransomware

Vulnerabilities