Canada's critical infrastructure 'area of ​​growing concern' Blackberry report says

Canada's critical infrastructure 'area of ​​growing concern' Blackberry report says

David Matson, director of enterprise security for Darktrace, says that during a severe double extortion ransomware attack on his organization, it was difficult for the person at the other end of the line.

It began with a single ransom payment meant to unlock encrypted files. A single payment turned out to be two, but ultimately, it didn't matter that the purse was empty - the hackers installed crypto-mining malware on their networks and made money this way.

Masson cannot elaborate on the victim in more detail, but he says he hears changes from that story from IT teams around the world. Particularly disturbing are the stories, and like other high-profile attacks, of the filmless cyberbatches against Equifax in 2017, which led to the theft of more than 140 million people of data, against the nation's critical infrastructure Has laid the groundwork for an equally devastating cyber attack. The world saw a glimpse of the calm devastation in healthcare last year, he recalls.

related:

MapleSEC Satellite 2021: Emerging threats set to target critical infrastructure [full story]

 

In October 2020, a Finnish psychiatry center attacked its system and stolen patient data. The attackers not only demanded a ransom from a psychiatry center, they also personally contacted patients seeking a 200-euro ransom in bitcoin. Closer to home, York University of Ontario succumbed to a ransomware attack last May after announcing a $ 250,000 COVID-19 research fund. The manufacturing sector is also a popular target as everything they are assembling from factory floor to cars is connected to the Internet.

Massone told ITWorldCanada.com, "They are exploiting the strong sense of duty of these organizations to supply a service and to ensure there is no break in that service." "They know that if they hit a hospital, the hospital will do whatever it takes to get the hospital back online or whatever it disrupts the service to work again. You can do it. We hear from the municipalities all the time: to pay all we had to do as soon as possible. '

According to Blackberry's 2021 Threat Report, it is a vicious cycle of events that is causing more attacks against critical infrastructure, and Canada is on the verge of going blind.

Wake up canada

BlackBerry researchers did not state the wording in their threat report: "Canada's critical infrastructure strategy has not been updated since 2009 and is not ready to deal with today's cyber-based threats."

The National Strategy for Critical Infrastructure mentions cyber security as zero, and under significant infrastructure risk, the document cites only natural disasters. Mason says that the operational technology that operates most of Canada's critical infrastructure has never had to worry about a cyber attack unless security was compromised by taking care of a stack of unsecured IoT devices.

"[An operational technology] is becoming increasingly interconnected, which means attackers can wander around IT networks and look at OTs," he said.

Theo Zafirkos, CISO at Terranova Security, acknowledges the challenges that come with the merger of the IT and OT worlds, but says that the need for training and competence is not to be denied at all levels of the organization.

"Organizations also face the challenges of training employees in operational roles where they use and operate connected technologies, but it is more difficult to access awareness messages," Zafirakos wrote in an email. “This is why every safety and security strategy should focus on testing people, process and technology. Awareness covers the aspect of people. "