(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity

Canada is not ready for the cybercrime era | #cybercrime | #infosec

Gateway Casinos has gone through a lengthy period of closure of its 14 properties in Ontario, the consequence of a cyberattack that targeted the organization’s IT system — and it may be indicative of an increased need for cybersecurity training throughout the country.

Gateway Casinos London, among the 14 Gateway-owned casinos in Ontario, was shut from mid-April to Monday due to a cyberattack on its IT apparatus. Locations were abruptly closed on Sunday, April 16, at 2 p.m. due to a malfunctioning IT system.

Gateway representatives verified that a malicious cybercriminal organization was responsible for the cyberattack, which resulted in a ransomware attack on the corporation’s network systems, causing severe disruptions.

Ransomware is a type of malware that secures all files on a system behind a password, denying access to the user until a fee is paid. Of course, when dealing with criminals, there’s no guarantee that your files will be accessible even after paying the ransom.

Despite the recommendations of various world governments and agencies to refrain from paying ransom, many businesses choose to pay in order to expedite the restoration of their IT systems and continue operations.

Gateway, much like many other corporate entities affected by ransomware, will not disclose whether it paid a ransom.

The assault on its IT infrastructure appears as the Canadian gambling sector is regaining strength following the pandemic. Amid waning in-person turnout, the provincial government introduced legal online casinos in Ontario to great effect, with around $1.4 billion in gaming revenue in the first year alone, according to the regulatory authority iGaming Ontario.

The Canadian internet Registration Authority (CIRA) runs a survey among businesses and cybersecurity experts each year, in which they seem to conclude that Canada isn’t ready for new cyber threats. The 2022 survey showed that 22 per cent of organizations had been victims of a successful ransomware attack in the previous 12 months.

Perhaps most concerningly, 96 per cent of IT professionals in the survey indicated their organization undertakes minimum cybersecurity training annually. The survey also raises a valid query — is this training designed to protect user data and organizations from criminal activity or merely from legal culpability in the event of a breach?

Furthermore, phishing is still the most common entry point for ransomware attacks. Phishing is one of the oldest and simplest forms of internet scam. The term phishing has been reliably tracked to 1995 and possibly earlier.

A phishing scam causes a victim to reveal sensitive information, such as passwords or security answers, or to install software on the system — ransomware being a common favourite. Spam emails designed to look like they come from reliable sources such as co-workers are familiar to many of us and pose a serious threat to security for organizations and individuals.

While phishing has become more complex over the years, the computer literate often find the scam simpler to avoid. Experts advise several simple steps, such as double checking the email address the email is coming from, up to and including contacting the individual by alternate means to check that the email is legitimate.

How effective can cybersecurity training be if this extremely basic vulnerability is still being reliably exploited?

2022 was widely considered a critical year for cybersecurity, and although Canada has not taken sufficient steps yet, we are by no means over the hill.

Digital literacy is now a cornerstone skill in Canada, and the importance of dedicated funding only increased exponentially during the pandemic. With cybercrime on the rise, it may be time to fully invest in Canada’s digital future, starting with safety, security and skills for all.

Archie Williamson is a former research analyst for London-based 6point6. Troy Media

Source link


Click Here For The Original Source.

National Cyber Security