Weekly CyberTip: Can you spot the signs of a potential malware infection?
Despite safeguards and best practices, malware can still slip through onto your computer. Would you know the signs of potential infection? Watch for any of the following behaviours on your system: they may be an indication that a problem is brewing, and that you should bring the matter to the attention of a system administrator as soon as possible:
- unfamiliar or missing desktop shortcuts or icons
- sluggish performance of browser or computer overall
- inability to run or update anti-malware software
- unexplained lack of storage space
- constant CPU or disk activity even when the computer should be idle
- unexpected toolbars, plug-ins, pop-ups
- random web pages opening, or new home page in browsers
- unexpected warnings, pop-up ads or upgrade offers on the computer
- unusual error messages or frequent program/computer crashes
- mouse icon appears to move on its own
Report: Only 9% of Canadian companies have mature readiness to face cyber attack
In a report released March 21, Cisco researchers estimate that only 9% of Canadian companies surveyed have mature cyber programs and processes in place to face cyber attack. American companies fared little better at just 13%; the global average came in at 15%.
The report was based on self-assessments from 6,700 companies in 27 jurisdictions around the world. Companies were ranked according to their responses to questions regarding five target areas: identity, devices, network, application workloads, and data. The weighted responses were used to determine four levels of preparedness: mature, progressive, formative, and beginner. 57% of Canadian companies surveyed were categorized as beginner or formative.
The consequences of being ill-prepared are real: “51% of respondents in Canada said they had experienced some kind of cybersecurity incident in the last 12 months, compared to 57% globally. The incidents cost 34% of Canadian organizations affected at least US$500,000 or more, compared to 41% globally who had similar costs,” according to the report.
On the bright side, a large majority of Canadian security leaders are aware of the risks, with 78% of Canadian organizations having plans to increase their cybersecurity budget by at least 10% over the next 12 months. But plans must turn into action, warned the report: “Closing this cybersecurity readiness gap must become a global imperative. We cannot afford to fall further behind as the shift to hybrid continues to accelerate. The impact on businesses, customers and society will only increase amid an explosion of hybrid threat vectors and an increasingly complex threat landscape. While some progress has been made, not enough firms are cybersecurity-ready to take on the challenges that our hybrid world has created.”
Experts warn U.S. government of growing cyber risks in healthcare
On March 16, the U.S. Senate Homeland Security and Governmental Affairs Committee heard testimony from an expert panel of healthcare cybersecurity professionals highlighting the increasing number and severity of cyber attacks on the healthcare sector, putting patient and staff data at risk. The panel quoted a December 2022 study conducted by researchers at the University of Minnesota which indicated that ransomware attacks on American hospitals more than doubled between 2016 and 2021.
Among the panelists was Greg Garcia, Executive Director of the Healthcare and Public Health Sector Coordinating Council Cybersecurity Working Group. Garcia’s statement referenced a number of useful resources for healthcare organizations, including the newly revised HPH Sector Cybersecurity Framework Implementation Guide, the new HSCC guide on managing legacy IoMT technologies and devices, and the launch of an eight-part YouTube series called “Cybersecurity for the Clinician” aimed at educating healthcare professionals on the importance of cybersecurity.
“Cyber attacks on hospitals, and other healthcare providers, can cause serious disruptions to their operations, and prevent them from effectively providing critical, lifesaving care to their patients. Breaches can also lead to the exposure of sensitive personal and medical information of patients and health care personnel,” said committee chair Senator Gary Peters (D-MI) in his opening remarks. “Given the threats facing this sector, and the potential life or death consequences, there is no question that investments in healthcare cybersecurity are also investments in patient care.”
Peters and Senator Rob Portman (R-OH) have been instrumental in leading change to American cyber policy. Their 2022 bill made it mandatory for critical infrastructure owners and operators to report to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours if they are experiencing a substantial cyber attack, and within 24 hours if they make a ransomware payment. On March 15, the day before the panel addressed the Senate, their provision was signed into law as part of the government’s funding legislation.
Globe & Mail Report: Work still needed to shore up Crown corporations’ cybersecurity
According to reporting by the Globe & Mail, the Canadian government has made little progress on improving the cybersecurity posture of Canada’s Crown corporations, despite a 2021 report that identified a range of concerns regarding protection of some 75 Crown corporations and government interests. The original report found that “the gap in the government’s cyber defence framework is found among the 75 federal organizations not subject to Treasury Board direction in this area… These organizations remain outside of the government’s secure perimeter and the protection of CSE’s cyber defences.”
The report found that the gap in oversight potentially “leaves those organizations worryingly vulnerable to the loss of their own data and, where they maintain electronic links with related federal departments, to inadvertently act as a vector into the government’s protected systems, putting the government’s data and systems at risk.”
In the official response to the report, published in redacted form in February 2022, the government wrote: “The Treasury Board of Canada Secretariat will review the Treasury Board policy framework to ensure that cyber defence is applied equally to departments and agencies to the greatest extent possible.” However, according to sources quoted in the Globe & Mail report, no progress has yet been made in this area.
In another recommendation from the report, the Enterprise Internet Service (EIS) provided by Shared Services Canada (SSC) was to be expanded to all government entities. The EIS provides secure Internet connectivity to users, with built-in threat monitoring from Canada’s Communications Security Establishment (CSE). Shared Services spokesperson Jean-Pierre Potvin reportedly advised that only 10% of federal entities are currently using the service.