Cybercrime is on the rise, here’s how to fight it

For as long as there has been an internet, there has been cybercrime. Over the past three decades, the two have been playing a long-standing cat-and-mouse game, growing more sophisticated with every attack-defense loop.

In recent years, the COVID-19 pandemic sent this cycle into overdrive as remote work led to the swift adoption of digital technology – and consequently, surging cybercrime. In the first half of 2021 alone, the Government of Canada’s Communications Security Establishment (CSE) recorded a 151 per cent increase in global ransomware attacks, compared to 2020, while CyberEdge Group’s Cyberthreat Defence Report found that a staggering 85 per cent of Canadian businesses experienced at least one successful cyberattack in 2021, up nearly 8 per cent year over year and putting Canada in the Top 10 globally.

The modern cyber-threat actor is enabled by a supply chain ecosystem that jeopardizes personal, economic and national security. According to a recent report, The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back, as innovations such as AI and quantum computing become more accessible to criminal groups and nation states, these dangers will only compound and grow exponentially.

The government tabled Bill C-26 to ensure industry keeps up with this ever-progressing danger, however the gears of government are simply turning too slowly for most Canadian companies. With the possibility of cyber-attack increasingly becoming ‘when’ not ‘if,’ Canadian organizations must master security basics, plan for the worst, and encourage collaboration across industries to properly prepare for more sophisticated cybersecurity threats.

The advancement of cybercrime

Once the domain of hobbyists, cybercrime has grown into a specialized criminal pipeline. With the introduction of commoditized malware kits in the 2000s, bad actors of all skill levels can engage in nefarious digital exploits, such as bank fraud; enabling skilled individuals to take advantage of vulnerabilities in emerging technology. More recently, these actors have pivoted to data denial and destructive attacks, embracing ransomware and leveraging “as a service” models for financial benefit.

Today, the ability to exploit network access is rapidly expanding, lowering prices and barriers to entry. In fact, a recent analysis of underground markets revealed that compromised remote desktop protocol (RDP) credentials sell for just $6.50 each, while nearly all advertisements relating to exploits claim they are available for under $10. Moreover, the analysis also concluded that merely 2-3% of sellers are coders, reducing cybercrime to a series of accessible, replicable procedural measures.

Peering towards a digital future

Where does cybercrime go from here? In the foreseeable future, hackers will continue to take advantage of the rapid expansion of corporate attack surfaces, conceivably raising the stakes with extortion schemes timed for maximal disruption.

Emerging technology will also play a role. Quantum computing could be deployed to boost decryption efforts. The Web3 vision of a decentralized, blockchain-based internet may make it easier to evade authorities. And artificial intelligence could be used to automate the selection of targets from a victim’s address book and build highly convincing spear-phishing attacks based on previous communications, helping to improve ROI.

As cybercrime grows in sophistication and scale, so too must the vigilance in its prevention.

Fighting the growing cybercrime machine

We all must play a more active role in combating the rise of cybercrime. For Canadian organizations, this means following a three-part action plan: mastering the basics, planning for resilience, and collaborating to reduce risk.

Mastering the basics entails following best practices such as multi-factor authentication, IT asset discovery and management, vulnerability management, and controls to restrict what can be installed on company property. Moreover, it means prioritizing self-healing hardware to boost resilience in the event of a breach. In addition, organizations must shut off common attack routes, such as those delivered via email and the web, which could be neutralized through techniques such as threat containment and isolation.

Planning for resilience means preparing for the worst-case scenario, putting the processes in place to limit supply chain and insider risk, and practicing incident response repeatedly to detect, prevent, and recover from any attack before it gets serious.

Finally, organizations should collaborate with peers, invest in third-party security assessments and penetration testing as well as gather and share threat intelligence with industry peers for a better overall understanding of the current and future landscape.

With our digital world becoming further interconnected by the minute, Canadian organizations would do well to future proof their business by prioritizing building greater cyber resistance. The World Economic Forum has identified cybercrime as one of the greatest risks facing the world in the coming decade. If vigilant, Canadian organizations can implement effective strategies to take on and defend the current and future scourge of cybercrime.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Mary Ann Yule
Mary Ann Yule
Mary Ann Yule is the President and CEO of HP Canada Co., a seasoned leader in the technology industry, with more than 20 years of experience. She is a trailblazer in innovative personal systems and printing technologies, including 3D printing, digital manufacturing, and related services and solutions. Since joining HP in 2016, her proven track record of driving results continues to deliver breakthrough market outcomes across HP’s portfolio. Mary Ann is credited with establishing HP as the most sustainable technology company in Canada as well as one of Canada’s Best Diversity Employers. Mary Ann is committed to spearheading inclusive best practices both as the co-executive sponsor of the Global Young Employee Network at HP as well as a founding member of The Coalition of Innovation Leaders Against Racism (CILAR). She holds a Kellogg-Schulich Executive MBA from the Schulich School of Business in Toronto, attended Ryerson University, and holds numerous professional accreditations, including Six Sigma Executive Champion.

Featured Download

IT World Canada in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Latest Blogs

Senior Contributor Spotlight