Canada’s technical authority on cybersecurity, the Canadian Centre for Cyber Security, has published its National Cyber Threat Assessment 2023-2024.
Working in collaboration with the Government of Canada, Canadian businesses, international partners and critical infrastructure, the Centre provides expert advice and cyber security guidance to Canadian individuals and organizations.
The 2023-2024 National Cyber Threat Assessment (NCTA) clocks in at 40 pages and covers, among other things, how cyber threats are evolving, the threats facing Canadian consumers and organizations and how disruptive new technologies are opening the door to emerging threats. If you have the time, the whole document is well worth a look.
From a SeekingFire Consulting perspective, we’d like to draw your attention to a few things that caught our eye.
Key Judgements
The document outlines five key cyber threat narratives that the Centre believes will “continue to drive cyber threat activity to 2024.” They are as follows:
- “Ransomware is a persistent threat to Canadian organizations. Cybercrime continues to be the cyber threat activity most likely to affect Canadians and Canadian organizations. Due to its impact on an organization’s ability to function, ransomware is almost certainly the most disruptive form of cybercrime facing Canadians. Cybercriminals deploying ransomware have evolved in a growing and sophisticated cybercrime ecosystem and will continue to adapt to maximize profits.
- Critical infrastructure is increasingly at risk from cyber threat activity. Cybercriminals exploit critical infrastructure because downtime can be harmful to their industrial processes and the customers they serve. State-sponsored actors target critical infrastructure to collect information through espionage, to pre-position in case of future hostilities, and as a form of power projection and intimidation. However, we assess that state-sponsored cyber threat actors will very likely refrain from intentionally disrupting or destroying Canadian critical infrastructure in the absence of direct hostilities.
- State-sponsored cyber threat activity is impacting Canadians. We assess that the state-sponsored cyber programs of China, Russia, Iran, and North Korea pose the greatest strategic cyber threats to Canada. State-sponsored cyber threat activity against Canada is a constant, ongoing threat that is often a subset of larger, global campaigns undertaken by these states. State actors can target diaspora populations and activists in Canada, Canadian organizations and their intellectual property for espionage, and even Canadian individuals and organizations for financial gain.
- Cyber threat actors are attempting to influence Canadians, degrading trust in online spaces. We have observed cyber threat actors’ use of misinformation, disinformation, and malinformation (MDM) evolve over the past two years. Machine-learning enabled technologies are making fake content easier to manufacture and harder to detect. Further, nation states are increasingly willing and able to use MDM to advance their geopolitical interests. We assess that Canadians’ exposure to MDM will almost certainly increase over the next two years.
- Disruptive technologies bring new opportunities and new threats. Digital assets, such as cryptocurrencies and decentralized finance, are both targets and tools for cyber threat actors to enable malicious cyber threat activity. Machine learning has become commonplace in consumer services and data analysis, but cyber threat actors can deceive and exploit this technology. Quantum computing has the potential to threaten our current systems of maintaining trust and confidentiality online. Encrypted information stolen by threat actors today can be held and decrypted when quantum computers become available.”
Serious and somewhat scary stuff, but the good news is that you can take steps to protect yourself, your organization and your clients. In fact, that’s where we come in. We offer a wide variety of services such as Security Assessments and Audits, Security Incident Response Plans, Vulnerability Scans, tailored information security and privacy management programs based on ISO 27001 and more, so you can be confident that your organization is taking a sensible and proactive approach to cybersecurity.
New Cybercriminal Methods of Extortion
Ransomware has been around for a while. In essence, it involves a cybercriminal stealing data and encrypting systems, with a victim being forced to pay a ransom to regain access to their data and systems.
However, how cybercriminals use ransomware may be changing, which really grabbed our attention. The NCTA notes the following:
“We assess that over the next two years, cyber threat actors will very likely use a variety of extortion techniques against their victims to maximize their chance of receiving payment. Beyond encrypting systems and stealing data, in some instances ransomware operators will likely use additional techniques, such as threatening an organization’s partners or clients and distributed denial of service (DDoS).”
In other words, once they have your info, cybercriminals may use this data to threaten your clients and up the pressure in the hopes that you will be more likely to pay the ransom.
The best thing you can do is to remain vigilant and ensure you have appropriate measures and systems in place. If you find yourself the victim of a ransomware attack, contact a cybersecurity professional to determine the attack’s depth and the next best step. If you’d like to learn more about ransomware — read one of our previous blog posts on it here.
COVID-19 and its Impact on Canadians’ Internet Usage
In March 2020, as the COVID-19 pandemic really began to hit home in Canada, none of us knew what the next two and a half years might have in store for us. As businesses, organizations and institutions switched to remote working, we knew there would be some impact from a cybersecurity perspective, but we didn’t know the exact ramifications. Now, more than two years into the pandemic, a clearer picture is starting to emerge.
The NCTA outlines that “51% of Canadians received medical care online for the first time since the pandemic began”. Meanwhile, “daily internet usage has increased since 2020, and 64% don’t plan to unplug more often.”
This means “that the threat surface available to malicious cyber actors has expanded since 2020. The amount of data collected on individual Canadians today is significant. It will only increase as new technologies enter the mainstream, creating a wealth of opportunities for threat actors looking to steal sensitive personal information. Moreover, the global threat landscape is changing as nation states increasingly use cyber activity as a tool for strategic competition and conflict.”
Long story short, the cyber security environment has become more challenging over the last couple of years, and it is likely to become even more difficult in the years ahead. Every organization and individual using the Internet should take the threat seriously. It may be daunting, but starting today is better than waiting until there’s a breach or direct issue you need to deal with. And we’re here to help!
SeekingFire Consulting Inc. is proud to provide cyber security solutions to a variety of clients across Western Canada. We believe in making the world a safer, more secure place where people, organizations and communities thrive. Whether you’re a startup, a healthcare provider or a long-established post-secondary institution, we can help you keep your data, and the data of your clients and those who use your services, safe.
We offer a complimentary consultation to all prospective clients, so please get in touch to continue the conversation. We look forward to hearing from you!
Disclaimer
While we have made every effort to present accurate, unbiased and helpful information in this article, please note that it reflects the author’s opinion and is written for the purposes of general knowledge, information and discussion. This article is not intended as legal advice, nor should it be considered as advice specific to your individual data security situation. If you would like to discuss your cybersecurity needs in specific detail, please get in touch with us.
