Cybersecurity In Canada: The Basics

September 8th, 2021
Cybersecurity In Canada: The Basics

Cybersecurity is a complex topic and we want to make it easier for you to understand. In light of that, we’re going to look at who the cybercriminals that threaten your business are, why they engage in cybercrime, and how you can stop them.

Who poses a threat to cybersecurity?

Cybersecurity is complicated, and the entities who work to threaten cybersecurity (called cyber threat actors) have a vested interest in remaining anonymous. (That’s anonymous with a small a, not to be confused with the loosely-affiliated hacktivist group known as Anonymous.)

Cyber threat actors take many different forms, and the Government of Canada has provided an extraordinarily useful classification scheme for all of them. They are:

  • Nation-states with geopolitical motivations
  • Cybercriminals who work for profit
  • Hacktivists with ideological motivation
  • Terrorists, who have ideological motivations (like hacktivists), but who also intend to commit physical
    acts of violence

  • Thrill-seekers, who are motivated by novelty (the thrill of hacking)
  • Insider threats, who may be motivated by profit or discontent

    Obviously, your business may only have to contend with a few of these threat actors. You’re unlikely to encounter hack attempts by nation-states unless you have tremendous social or political influence. Hacktivists are also unlikely to target you, unless they find your business morally reprehensible (and with hacktivists, it’s always hard to tell).

    This means you’re most likely going to be contending with cybercriminals, thrill-seekers, and insider threats. Insider threats are perhaps the most insidious - they have the most access to your network, and are likely to know its weaknesses. Cybercriminals will attack anyone - your vulnerability to them depends heavily on your network security. Thrill-seekers, meanwhile, will likely only attack your business if some big, newsworthy event happens at your business - then, hacking you may seem more “fun”.

    Securing your network against cyber threats

    Threat actors will use any means at their disposal when they find a target. For most threat actors your business may be concerned with, the first step is finding the target in the first place - in this case, your business.

    Preventing external attacks

    There are a number of steps you can take to prevent your business from becoming the target of cyber attacks. These steps include:

  • Training employees in best practices, like using strong passwords (and different passwords for all of their accounts)
  • Updating your OS and software regularly (with automatic updates)
  • Limiting how much access users have (restricting privileges
  • Performing dark web and external security scans regularly
  • Ensuring your firewalls and other network security protocols are up to date

    Preventing internal attacks

    Insider threats are, in many ways, more insidious than threats from external actors. Here, we’re talking about intentional (malicious) insider threats, as opposed to those presented by ignorance. There are many steps you can take, including:

  • Revoking credentials for any team members who have left/been terminated
  • Knowing the signs of insider threats (employees trying to access data they wouldn’t normally, downloading data onto portable devices, requesting abnormal access, difficult relationships with employees who have unfettered network access, etc.)
  • Blacklisting all hosts and ports, and only whitelisting those you need
  • Using co-managed IT and MDR (Managed Detection and Response) to allow an impartial third-party to monitor your network, control credentials, and act on threats

    Reporting cyber threats

    You can report cyber threats and cyber incidents to the Government of Canada. In circumstances where you believe criminal activity is imminent, you can also report the activity to police - via 911 if it’s an emergency, or by calling your local police line for non-emergencies.

    Reporting cyber incidents, even after they occur, helps the government take stock of how many threats businesses face each year. It can also help them better understand what kinds of threats businesses are facing - which in turn allows them to deploy resources to help businesses better protect themselves.

    We’ve only scratched the surface of how cyber threats work - we could run several blogs on how malicious actors work and think, how you can guard yourself against the actors, and the ways in which the government gathers and disseminates data on these threats.

    If that information is of interest, let us know - we’re always looking for feedback to improve the resources we offer to you. And if you’re looking for IT services in Manitoba to help you better manage cyber threats - get in touch with us.