National Post Data Security Campaign

March 22, 2018
Author : Ted Kritsonis Via Mediaplanet
Source : IndustryandBusiness.ca

Alexis Dorais-Joncas

Security Intelligence Team Lead at ESET

Smarter Protection Key to Battling New Malware Threats — With businesses embracing the Internet of Things (IoT), a greater level of connectivity should provide an impetus to prepare for inevitable cyberattacks.

A Forbes report found that 32 percent of top tech CEOs felt IT security was among the greatest challenge their companies faced—a concern compounded by new malware attacks aimed at exploiting vulnerabilities.

Malware family

Gamarue is an example of a “malware family,” which means that it’s the codebase for different variant strains to create botnets to launch cyberattacks. Available for sale in underground markets, it is possible for anyone to buy it and build their own botnet, says Alexis Dorais-Joncas,  Security Intelligence Team Lead at ESET, an IT security firm.

“Last year alone, there were about 500 different people who acquired the [Gamarue] kits and deployed it in the wild to control their own little botnets,” he says. “We pooled our telemetry data with other partners and built a list of domain names and addresses used to control the botnets. With help from multiple law enforcement agencies around the world, we were able to seize control of many of these domain names and IP addresses and redirect all the traffic into one sinkhole server.”

A sinkhole is one large server that accepts connections from the infected machines and keeps them dormant. It records who is connecting to it, allowing ESET to determine the total scope of infections around world.

Protective practices

Protection against this type of “crimeware” needs to be multifaceted because it will get into the company network through the weakest link, he adds. Large organizations with a big staff are especially vulnerable even if only a few employees are careless.

“There’s no one solution to block every infection vector, so companies should be on the lookout for the latest threats and how they work,” he says. “All the same/best practices apply—patching workstations with the latest software, anti-spam and malware blocks at the email gateway and deploying endpoint and network protections like firewalls.”

Ted Kritsonis


Paul Butcher and Jim Stechyson

Co-Founders at HostedBizz

How Businesses Are Getting One Step Ahead of Cyberattacks — Cyberattacks, like ransomware, have become a daily threat to organizations of all sizes. IT security teams struggle to keep up with the changing threat profiles and constant attacks leaving organizations vulnerable to cyber threats such as phishing, vishing, whaling, and other internet crimes.

“Cybercrime is a booming business, and the latest techniques used by cybercriminals have an impressive ability to manoeuvre past traditional security defences,” says Jim Stechyson, co-founder of HostedBizz, who, along with business partner Paul Butcher, runs one of Canada’s leading cloud service providers. “Despite the best efforts of IT teams to protect their organizations with traditional perimeter defence systems, the key to better data and security protection lies with systems and processes that assess vulnerabilities, educate end users on them, and include data protection strategies that ensure full recovery,” adds Butcher.

The co-founders agree that using a multi-layered approach to data security and protection that includes a commitment to ongoing end user education and testing to identify potential threats plays a big part in reducing the risk of cyberattack and penetration. The following tactics to augment an organization’s security and defence are essential:

  • Assess vulnerability by conducting phishing simulations. These provide valuable insight into risk. They also identify where education and testing programs should be implemented to raise awareness and train users on how to recognize and react to potential threats. These simulations are often available through service providers and are surprisingly affordable.
  • Build a protection plan that includes the ability to restore infected data and systems into a pre-attack production state. Data backup policies that include an offsite copy with a DRaaS provider ensure 100 percent confidence that critical systems can be recovered onsite or in the cloud promptly should a significant corporate-wide security breach occur.

Paul Butcher
Jim Stechyson


Bob Gordon

Executive Director, CCTX

Bringing Together Board, Business, and IT —Protecting digital assets is challenging for all companies, especially when dealing with evolving cyber threats — pushing executives to stay two steps ahead.

The most valuable asset in most instances is a company’s digital data, notes Bob Gordon, Executive Director of the Canadian Cyber Threat Exchange. However, emerging trends indicate that cyber threats are no longer solely about extorting a ransom from compromised firms.

“A company executive or business owner needs to have a good understanding of what the critical information is within their organization,” says Gordon. “What kind of data could they lose that would cost them their competitive edge? Where is that information stored and who has access to it? Making that data accessible across the spectrum of the business widens the risk, because every end user and workstation becomes a potential door into corporate IT systems.”

He adds that many of the cyber breaches that took place earlier last year could largely have been prevented had patches been installed on the infected systems ahead of time. Canadian boards are becoming more engaged and assessing cyber threats in the same way they look at traditional risks.

“It has to become a board level issue because it’s a business issue,” says Gordon. “This is not just an IT problem — if you leave it solely in the realm of IT professionals, you’re not going to solve it. You need the business side to get involved, from the board all the way down.”

IT departments can’t make those decisions, he adds. The business unit determines what data and processes are critical, making decisions about the risks and solutions involved should it be compromised.

“It’s a three-way conversation: board, business units, and IT,” says Gordon. “And the question is not if you will be attacked, but when.”

Ted Kritsonis


Scott Jones

Deputy Chief of IT Security, Communications Security Establishment

Government Announces New Canadian Centre for Cyber Security — In today’s world, digital technologies and the internet are increasingly important to innovation and economic growth. Accordingly, cybersecurity has become a mainstream issue in both the public and private sector alike, and to Canadians more generally.

Cyber compromises, when they occur, take up time, money, and other valuable resources. They can impede the government’s objectives, damage an organization’s trust and reputation, and affect the personal information or finances of individual Canadians.

Cyber threats evolve at an incredible pace and the challenge of protecting cyber systems and information will get a lot harder in the future. With advances in technology such as quantum computing, the future is quickly becoming today’s reality.

To combat cyber threats, the Government of Canada has announced the creation of the new Canadian Centre for Cyber Security (the Cyber Centre) in Budget 2018. As part of the Communications Security Establishment (CSE), the Cyber Centre will be a single unified source of expert advice, guidance, services and support on cyber security operational matters. It will be outward-facing, open to collaboration with industry partners, and a trusted resource for faster, stronger responses to cybersecurity incidents.

With the Cyber Centre, Canadians will have a clear, unified, and trusted place to turn to for cyber security issues.

This important investment will benefit all Canadians as it reinforces federal government cyber security capabilities and improves the detection of, and response to, continually evolving cyber threats. The pervasive and interconnected nature of the internet means we must all think of cyber security more often, and work together to raise our collective defences.

The Cyber Centre will be the country’s authority on cybersecurity operations and together with industry partners, will be better prepared to take on complex, ever-evolving cybersecurity challenges— because it’s everyone’s business.

Scott Jones



IF YOU ARE INTERESTED IN JOINING THIS GROUP OF LEADING ORGANIZATIONS that are shaping the future of cyber security in Canada, please fill in your application form here

For any inquiries, please contact us at info@cctx.ca.

CANADIAN CYBER THREAT EXCHANGE

1600 James Naismith Drive, 1st floor
Ottawa, Ontario K1B 5N8

1600, ch. James Naismith, 1ère étage
Ottawa (Ontario) K1B 5N8

+1-613-747-2283 — www.cctx.ca