Sami Khoury
Head, Canadian Centre for Cyber Security
It’s hard to read the news without noticing the rise of cybercrime, especially ransomware. Large organizations are being asked for increasingly larger sums of money after their data is compromised or stolen. These incidents are making daily headlines around the world.
As noted in our National Cyber Threat Assessment 2020 report, the technology used and the knowledge needed to perpetuate ransomware campaigns is readily available at low costs for cybercriminals. This makes it easy for them to cast a wide net, not usually against specific targets seeking a financial profit.
Targeting larger businesses, or “Big Game Hunting,” is when cybercriminals go after big enterprises that cannot tolerate disruptions and are likely to pay large ransoms to restore operations.
But don’t be fooled – it isn’t just large businesses being targeted. Small and medium businesses, and individuals too, are just as likely to fall victim to cybercrime. They just don’t make it into the news.
Going after several smaller entities all at once is simpler and can still yield a big payoff. Especially now, with many businesses depending on employees with home-based tools that might not be as secure as they would be at the office.
Many ransomware incidents can be mitigated with simple cyber security knowledge and best practices.
For example, old or unpatched software can lead to easy access to business networks. Employees not being familiar with how to recognize phishing emails and possibly compromised attachments can also lead to a serious breach. Basic passwords, re-used on many accounts, are easy entry points for cybercriminals to get access to your information.
These are simple and effective tips that can help protect you from common cyber incidents.
You can improve your baseline cyber security defence, making it harder for cybercriminals to compromise your business. A harder target usually means cybercriminals need more resources. More resources mean time and money, which makes you less worth their while. It won’t make you invincible, but it helps make your business a less attractive target.
At the Canadian Centre for Cyber Security (Cyber Centre), we have plenty of resources available to help. Resources that can help prevent an attack and keep your business safe and secure, as well as guidance on better-educating employees on cyber security awareness. If you’ve fallen victim to a cyber incident, you can find advice on how to respond, and report it via our new Incident Reporting portal. Reporting cyber incidents helps us and our partners make sure other Canadian businesses don’t fall victim to the same crime.
Our collective goal is to make Canada’s cyberspace a harder target for cybercriminals. We can achieve this goal by using strong cyber security practices within our organizations, workforces, and communities. By working together, we can make it happen. This will help save your business money in the long run from a costly cyber incident. It will keep your data secure. And it will keep your clients’ and customers’ information safe. Canada’s cyber security is a team effort.