Taking a mega bite out of cyber crime

By Jennifer Traer

The Trillium Network Council PDX Committee hosts a monthly virtual café to foster engagement and promote wellness through positivity. Associations are built on their connections, and the knowledge and support are shared within those boundaries. Feel Good Fridays are an opportunity to develop these connections – something that’s needed more than ever as we find ourselves in what we are hopeful are the final stages of the pandemic.

On February 25, 2022, Feel Good Friday welcomed Bob Gordon, Advisor of the Canadian Cyber Threat Exchange (CCTX).  Bob’s presentation covered what is cyber security, who’s doing it and how to enhance protections for associations. 

Who is doing the attacking and what is the goal? 

“Russia, China, North Korea, and Iran are the primary attackers,” says Bob, adding that cyber-attacks are occurring within Canada. Cybercriminals are trying to influence and shape what is going on in the international environment. Typically, these attackers are after some of the activities of a more economic nature and want to pass this information along to their business organizations. Once inside your system, they want to stay for a while. 

Bob emphasizes that cybercrime is now operating as a business as criminals have a meagre chance of getting caught. Cryptocurrencies have facilitated paying criminals. As of 2017, ransomware is offered as a service to criminals. Unfortunately, Canada rates as one of the biggest countries connected to ransomware. In 2021 67% of cyber security involved ransomware. It’s incredibly lucrative for criminals. Typically, insider threat employees, contractors, vendors are both parts of the first line of defence and a potential threat. Working remotely has compounded the security dynamics for insiders.

Cybersecurity is an incremented threat among information technology. Bob said we’re starting to see that operational technology connects with information technology. Organizations need to start having conversations amongst departments to ensure these cyber threats can be stopped.

Just under 30% of Canadian businesses are seeing increased cyber-attacks. A small business doesn’t have the defences against possible cyber-attacks or resources or insurance to help recover if an attack occurs. It’s important to realize that cyber-attacks can happen to any business if the information is of value to your association (i.e., contacts, passwords). No matter the size of the operation, every association is susceptible to ransom attacks, according to the Canadian Cyber Threat Exchange (CCTX).

What are we doing about it?

Technology has become the enabler. Behind all these attacks is a person, and that’s who we want to go after. The private sector has found that getting together and sharing best practices is the key to maintaining awareness and building cyber resilience. It’s cost-effective along with leveraging the knowledge of others because no one person or company can do it alone.

Key takeaway questions

Does your organization have a cyber security plan? Who is responsible? Is your team ready when a cyber-attack hits? 

Resources

Bob adds that Canada is getting better at actively engaging the private sectors which has resulted in the development following organizations:

  • Canadian Centre for Cyber Security
  • RCMP National Cybercrime Coordination Unit (NC3)
  • Innovation, Science, and Economic Development Canada
  • Canadian Internet Registry Authority (CIRA) Canadian Shield is a free protected DNS service that prevents connecting to malicious websites with threat intelligence provided by CCCS . 

Next up: March 25, Feel Good Friday with Laura Williams, discussing returning to the workplace in a post-Covid world. Register now

Jennifer Traer is a senior member of the team at BB&C Management Services Inc. She sits on CSAE Trillium Network Council and co-chairs the PDX committee.  Learn more about Jennifer at https://www.linkedin.com/in/jennifer-traer-cae-des-26210418/