Cyber criminals launch attacks from virtual bases in Canada
"A world in which you could put a castle wall around your system and keep intruders out is no longer plausible.''
MONTREAL – Canada’s clean reputation makes it a top destination for cyber criminals to launch global attacks on businesses, says a new study.
Instead of choosing Russia or China, some cyber criminals have been setting up servers with Canadian IP addresses for their attacks, says Websense’s cybercrime report card on Canada.
“They know they can piggyback off the reputation within Canada,” said Websense’s Carl Leonard. “Reputation is such a strong factor in this.”
In 2012, Canada was the No. 3 country of choice for cyber criminals to set up virtual bases with advanced malware for corporate espionage, said the report, to be unveiled Wednesday at the SC Congress in Toronto, a conference on information security.
Websense said it’s the first time it has released this metric for Canada. The US was No. 1 and the Netherlands was the No. 2 choice in 2012.
Such an attack can cost a company about $3 million, including the loss of data, fixing the problem and potential damage to its brand, said Leonard, who is based in the UK and is a senior manager at the U.S. cyber security company.
And it’s not always top employees like the CEOs and chief financial officers who are targets, said Leonard.
The computers of a company’s administrative staff, its receptionist and information technology employees can be targeted as a means to steal corporate information. They may have access to customer lists, prices, passwords, network information and intellectual property, he said.
Malware can also be dropped into a company’s website without anyone being aware. A company’s suppliers also can be targeted online, he said.
“It’s all very covert,” Leonard said. “It really is incredibly difficult to put the pieces of the puzzle together.”
All kinds of businesses can be targets, including manufacturing and defence companies, he said. Usually an attack isn’t made public, he added.
Stolen corporate information can be sold to other cyber criminals or even to governments, Leonard said, noting that China has been mentioned as a culprit.
“They’re trying to zoom in on the pieces of data that are going to get them the best return on investment.”
Prof. David Skillicorn of Queen’s University said it’s still surprising how businesses have their systems’ default passwords set as “password” or “12345.”
But he said from a business point of view, Canada is no less prepared for corporate espionage attacks than any other country.
“When the American military goes and testifies before Congress that they can’t even guarantee the security of their networks, you get some idea of how hard the problem is,” said Skillicorn, who teaches at the university’s school of computing in Kingston, Ont.
He also noted that small supply firms can be hit as a means of getting access to larger corporations.
“A world in which you could put a castle wall around your system and keep intruders out is no longer plausible, even at the high end.”
©The Canadian Press