Cybercriminals are shifting their attention from traditional computers to Internet-connected devices in Canadian homes, according to the government's cyber security agency.
In its threat assessment for 2018, the newly created Canadian Center for Cybersecurity says internet-connected devices – such as a growing number of "televisions, appliances, thermostats and cars" – have become attractive targets.
"Manufacturers have rushed to connect more types of devices to the Internet, often prioritizing ease of use over security," the center wrote in its report released on Thursday.
"We regularly watch cyber threat agents exploit security holes in devices, resulting in the disruption of device functionality or the use of devices as platforms for launching other malicious cyber activities."
Cybercriminals have used thousands of Internet-connected devices – from baby monitors to air quality monitors and surveillance cameras – to launch a botnet attack in October 2016, the center said.
"The botnet conducted a powerful Distributed Denial of Service (DIS) that interrupted a major site domain manager, temporarily disabling some of the world's most popular e-commerce, entertainment, and social media sites for millions of users. "
Cybercriminals have even infected Internet-connected devices with malware to undermine crypto-addiction – with the device owner often forgetting what's going on.
Although cybercrime is not new, the center predicts cyber attacks on Canadians will increase in number.
"Stealing personal and financial information is profitable for cybercriminals and is very likely to increase."
The center said cybercriminals are becoming more organized and developing business processes.
Selling stolen information
"Cybercrime is now so prevalent and sophisticated that it supports illegal markets," the center wrote. "These cyber crime markets offer illicit products, stolen information and malware. Some cyber crime markets even offer customer support and sorting functions."
Speaking to reporters as the center's first report was made public, Scott Jones, the center's chief, said his organization is not trying to scare Canadians of new technologies. Instead, he said, the report serves to help Canadians and Canadian companies avoid becoming victims of state-controlled cybercriminals and hackers.
With the next federal election scheduled for 2019, the center also expects other countries to use the web, botnets and troll farms to try to influence Canadians' opinions and explore political divisions or controversies.
"While large web platforms are making efforts to contain the negative effects of manipulative information sharing, the views of Canadians will continue to be a compelling target for cyber-threat actors seeking to influence Canada's democratic processes."
The center cited a CBC News report that found that the Russian Internet Research Agency used its trolls to comment on Canadian issues such as the mosque shooting and the asylum seekers of Quebec City in 2017 in the summer of 2017.
Jones said the center plans to publish an update this spring on cyber threats to the Canadian election.
The center said Canadian companies will continue to be attractive targets for cybercrime – and their executives as well.
"Whaling occurs when an executive with the authority to issue large payments receives a message that appears to come from a relevant department or official, asking them to direct funds to a cyber-threat-controlled account."
Corporate espionage remains a threat, particularly for companies in strategic sectors of the economy or those with attractive intellectual property or commercially sensitive information. Companies with large databases are targeted by cybercriminals who try to extort business by revealing confidential customer information.
Paying Cyber Rescue
"Some companies decide that paying a ransom is cheaper than the costs associated with ignoring a cyber-rescue. However, cyber-threat agents may decide to delete, modify, or release information even if a payment is made."
The increased availability of cybernetic tools and the increasing interconnection of devices have also facilitated the launch of attacks on Canada's critical infrastructure, the center said.
"State-sponsored cyber-threat actors have conducted cybernetic espionage against critical infrastructure networks in Canada and allied nations. In Canada, these threat agents have led to intelligence and intelligence gathering in the energy, aerospace, and defense industries."
Speaking to reporters, agency officials said state-sponsored actors may have gathered enough information to break critical infrastructure networks.
However, they said they believed that other countries did not seem to be prepared to do anything with this information – at least not yet.
"At this point, we have assessed that it is very unlikely that state-sponsored cyber-threat actors will intentionally seek to disrupt Canada's critical infrastructure and cause great damage in the absence of international hostilities," the report said.
While the center was willing to talk about cyber security threats to Canada, Jones was quiet when it came to questions about Chinese telecommunications giant Huawei and fears expressed by experts that it could take advantage of new 5G networks to spy on Canadians .
While Jones said the government gave him a mandate to study the company's security risks and a deadline for reporting, Jones declined to say repeatedly when the report should be turned over.
Jones also was reluctant to say whether the arrest of Huawei's chief financial officer, Meng Wanzhou in Vancouver on behalf of the United States, could lead China to retaliate with cyber attacks, or if the center has seen some increase in cyber attacks since its arrest.
"We always have to be resilient, no matter what the trigger, so we increase our resilience against any form of malicious cyber activity that we can face as a nation."
Elizabeth Thompson can be reached at [email protected]