91裸聊视频

Skip to content
  1. Home
  2. Canadian News

Ransomware business booms as Canada wrestles with cybersecurity standards

Cybersecurity experts say multi-layered protection needed in online security standards
The Canadian Press
web1_20240604200652-bad0f2147a11af77e9a9b8240c88c3e81848b70c8d3d8247d31b54aaadf02af8
A man uses a computer keyboard in Toronto in this Sunday, Oct. 9 photo illustration. The ransomware business is booming in Canada. Recent victims have included large corporations such as retailer London Drugs, as well as the City of Hamilton, Ont., and the government of Newfoundland and Labrador. THE CANADIAN PRESS/Graeme Roy

The ransomware business is booming in Canada.

Recent victims have included large corporations such as retailer London Drugs, as well as the City of Hamilton, Ont., and the government of Newfoundland and Labrador.

But the criminals who sometimes brag of their attacks on the so-called dark web don91裸聊视频檛 seem fussy about their targets, based on a small sample of the targets listed by B.C.-based threat analyst Brett Callow. Among them have been a B.C. library network, the province91裸聊视频檚 First Nations Health Authority and an Ontario charity for disabled children.

Cybersecurity experts say the spate of attacks has serious implications for victims and the public, and organizations need multi-layered protection in a landscape of fledgling online security standards.

Callow favours an outright ban on ransom payments, or at least regulations limiting them, to stem the tide of attacks.

Toronto-based lawyer Eric Charleston says it91裸聊视频檚 not so simple, and he91裸聊视频檚 seen cases where a ban would have meant 91裸聊视频渁 punishment of the victims.91裸聊视频

But both agree that potential targets should boost security to prevent breaches from happening at all.

Charleston said many incidents go unreported, so it91裸聊视频檚 hard to exactly gauge the apparent increase in ransom cyberattacks, in which hackers demand payment or they will release sensitive data.

However, the advent of cryptocurrency has given cybercriminals who often operate in foreign jurisdictions a way to monetize data theft, he said.

91裸聊视频淭he fact that all these transactions are recorded on the blockchain (means) the breadcrumbs are there on where this money is going,91裸聊视频 he said.

91裸聊视频淏ut at the end of the day, if you have different regulations on how people can divest from their crypto accounts 91裸聊视频 (they) can still come in and take the money.91裸聊视频

The potential implications of a data breach are far-reaching,said Charleston, the national co-leader for cybersecurity with Borden Ladner Gervais LLP.

They range from financial and reputational damage to possible legal liability amid 91裸聊视频渆merging91裸聊视频 standards for cybersecurity in Canada, he said. Charleston said proposed new federal and Ontario laws could herald minimum levels of security for certain sectors.

Targeted companies can face class-action lawsuits over data breaches 91裸聊视频 last month, victims of a 2019 breach at LifeLabs Inc. started receiving payments of $7.86 each. That doesn91裸聊视频檛 sound like much, but the total settlement amounted to $9.8 million.

Callow, meanwhile, said the stakes could be life or death. He pointed to work by researchers at the University of Minnesota School of Public Health, who estimated that ransomware attacks that disrupted hospital operations killed at least 42 U.S. Medicare patients between 2016 and 2021.

GAME OF 91裸聊视频榃HACK-A-MOLE91裸聊视频

There have been some wins for law enforcement, Charleston said.

In February, the National Crime Agency of the United Kingdom led a consortium of police agencies in disrupting the operations of LockBit, calling it 91裸聊视频渢he world91裸聊视频檚 most harmful cybercrime group.91裸聊视频 A subsequent statement last month identified a man from Russia as the 91裸聊视频渁dministrator and developer91裸聊视频 of LockBit, which provides a global network of hackers with the tools they need to carry out attacks.

Callow, who works for New Zealand-based antivirus software company Emsisoft, said enforcement such as the operation against LockBit undermined confidence among cybercriminals.

But LockBit was soon up and running on a new site, he said.

Callow said LockBithad made the ransom demand over the London Drugs hack that was detected in late April and forced the B.C.-based retailer to shut all its stores across Western Canada for about a week.

The company later confirmed that data that 91裸聊视频渕ay contain some employee information91裸聊视频 was released, saying it was 91裸聊视频渦nwilling and unable91裸聊视频 to pay a ransom to hackers it described as 91裸聊视频渁 sophisticated group of global cybercriminals.91裸聊视频

Callow said the good news for individual employees is that typically, nothing further happens with their stolen data. 91裸聊视频淚t just sits there on the dark web,91裸聊视频 he said.

He likened catching international cybercriminals who hope for a big payday from companies or institutions to a game of 91裸聊视频渨hack-a-mole.91裸聊视频

91裸聊视频淭he faster you can whack them, the less damage they can do.91裸聊视频

But cybercriminals seeking ransoms aren91裸聊视频檛 the only threat.

B.C. officials have said a 91裸聊视频渟tate or state-sponsored91裸聊视频 actor was likely responsible for a series of attacks against the province detected in April. On Monday, Public Safety Minister Mike Farnworth said 22 government email inboxes containing the sensitive personal information of 19 employees may have been accessed during the breach.

Canadian government officials including Public Safety Minister Dominic LeBlanc issued a joint statement on Monday aimed at raising awareness of the threat 91裸聊视频減osed by malicious cyber activity by foreign states and their affiliates.91裸聊视频

Certain foreign states were conducting 91裸聊视频渨ide-ranging and long-term campaigns91裸聊视频 to compromise Canadian government and private-sector computer systems, the statement said, singling out China, Russia, Iran and North Korea.

On Tuesday, Canada91裸聊视频檚 auditor general released the results of a cybersecurity audit, finding the federal government lacked the capacity or tools to effectively combat increasingly sophisticated cyberattacks.

It91裸聊视频檚 against this backdrop that Ottawa is expected to launch a new national cybersecurity strategy this year, following the creation of the National Cybercrime Coordination Centre in 2020.

A proposed cybersecurity bill is also making its way through the federal legislative process. If passed, it would provide a framework for the protection of online systems vital to national security or public safety, including empowering officials to require certain service providers to implement cybersecurity programs.

Charleston said that bill and another in Ontario showed that parameters for cybersecurity controls were being drawn in Canada.

Ontario91裸聊视频檚 proposed legislationwas aimed at enhancing cybersecurity for public-sector institutions governed by existing privacy and freedom of information laws.

The emerging standards would likely grow into a 91裸聊视频渞oad map91裸聊视频 for arguments related to liability and negligence in the aftermath of cyberattacks, Charleston said.

91裸聊视频淚t91裸聊视频檚 less likely, I think, that the courts are going to get into what meets the standard of adequate data security and cybersecurity controls 91裸聊视频 until some of this guidance comes along from government,91裸聊视频 he added.

Callow said cybersecurity should be subject to standards similar to the way other sectors are regulated, such as aviation and automotive manufacturing.

But he went further in calling for an outright ban on ransom payments. Callow pointed to a recent media report suggesting U.K. officials were expected to launch public consultation on proposals to either ban such payments or require victims to report a breach to the government, then seek a licence before making any payment.

91裸聊视频淎ll of those things would not only cut down on the payments, but also help us get a better handle on how many attacks there are, whether things are trending the right way or the wrong way, whether policies, strategies, are actually working,91裸聊视频 he said.

Charleston took a different tack, saying he had seen cybercriminals block access to a system belonging to a company that would likely never have been able to recover its data and resume operations if it had been barred from paying the ransom.

Callow acknowledged that he was among a 91裸聊视频渕inority91裸聊视频 in cybersecurity who supported a ban on ransoms.

Both experts said some threats with the potential for serious consequences could be prevented through basic security measures, though they emphasized the importance of multi-layered security constantly monitoring for abnormal activity.

Charleston said organizations were constantly updating their systems, giving hackers 91裸聊视频渇resh landscapes91裸聊视频漷o exploit.

91裸聊视频淭he way that the bad guys are getting in is constantly changing, and the battlefield is constantly shifting for cybersecurity professionals to keep these organizations safe.91裸聊视频

READ ALSO:

READ ALSO:

More Canadian News

Supreme Court upholds air passenger compensation rules in win for consumers
Supreme Court upholds air passenger compensation rules in win for consumers
Canadian family anxiously awaits flight from Lebanon amid Israeli strikes
Canadian family anxiously awaits flight from Lebanon amid Israeli strikes
Parliament grinds to a halt as Conservative allege Liberal corruption
Parliament grinds to a halt as Conservative allege Liberal corruption
(or

91裸聊视频

) document.head.appendChild(flippScript); window.flippxp = window.flippxp || {run: []}; window.flippxp.run.push(function() { window.flippxp.registerSlot("#flipp-ux-slot-ssdaw212", "Black Press Media Standard", 1281409, [312035]); }); }