Cyber crooks increasingly targeting home devices: report
Cyber criminals are shifting their attention from traditional computers to internet-connected devices in Canadian homes, says the government's cyber security agency.
In its cyber threat assessment for 2018, the newly created Canadian Centre for Cyber Security says the growing number of devices connected to the internet like "televisions, home appliances, thermostats and cars" have become an attractive target.
"Manufacturers have rushed to connect more types of devices to the internet, often prioritizing ease of use over security," the centre wrote in its report made public Thursday.
"We regularly observe cyber threat actors exploiting security flaws in devices resulting in either disruption to device functionality or using devices as platforms to launch other malicious cyber activities."
Cybercriminals used thousands of devices connected to the internet — from baby monitors to air quality monitors and surveillance cameras — to launch a botnet attack in October 2016, the centre said.
"The botnet conducted a powerful Distributed Denial of Service (attack) that disrupted a major website domain manager, temporarily disabling some of the world's most popular e-commerce, entertainment and social media sites for millions of users."
Enterprising cybercriminals have even infected devices connected to the internet with malware to mine cryptocurrency — with the owner of the device often being oblivious to what is going on.
While cybercrime isn't new, the centre predicts cyber attacks on Canadians are going to rise in number.
"Stealing personal and financial information is lucrative for cybercriminals and is very likely to increase."
The centre said it sees cybercriminals becoming more organized and developing business-like processes.
Selling stolen information
"Cybercrime is now so prevalent and sophisticated that it sustains illegal online marketplaces," the centre wrote. "These cybercrime marketplaces offer illicit goods, stolen information and malware. Some cybercrime marketplaces even offer customer support and rating functions."
With the next federal election scheduled for 2019, the centre is also expecting other countries to use the web, botnets and troll farms to try to influence the opinion of Canadians and exploit divisions or controversies.
"Although major web platforms are making efforts to curb the negative effects of manipulative information sharing, the opinions of Canadians will remain an attractive target for cyber threat actors seeking to influence Canada's democratic processes."
The centre cited a CBC News report that found Russia's Internet Research Agency used its trolls to comment on Canadian issues like the January 2017 Quebec City mosque shooting and asylum seekers crossing the border in the summer of 2017.
The centre said Canadian businesses will continue to be attractive targets and increasingly their executives will be as well.
"Whaling occurs when an executive with authority to issue large payments receives a message appearing to come from a relevant department or employee, urging them to direct funds to an account controlled by a cyber threat actor."
Corporate espionage remains a threat, particularly for businesses in strategic sectors of the economy or which have attractive intellectual property or commercially sensitive information. Companies with large databases are targeted by cyber crooks who try to extort businesses by revealing confidential client information.
Paying cyber ransom
"Some businesses decide that paying a ransom is cheaper than the costs associated with ignoring a cyber ransom. Yet cyber threat actors can decide to delete, modify or release information even if a payment is made."
The increased availability of cyber tools and the increasing interconnection of devices has also made it easier to launch attacks on Canada's critical infrastructure, the centre said.
"State-sponsored cyber threat actors have conducted cyber espionage against critical infrastructure networks in Canada and allied nations. In Canada, these threat actors have conducted reconnaissance and intelligence-gathering in the energy, aerospace and defence sectors."
However, the other countries don't appear to be poised to do anything with that information — at least not yet.
"At this time, we assess it is very unlikely that state-sponsored cyber threat actors would intentionally seek to disrupt Canadian critical infrastructure and cause major damage in the absence of international hostilities."
Elizabeth Thompson can be reached at [email protected]