Cyber Criminals Moving Operations to Canada
Websense uncovers 300% increase in hosted crimeware coming from our friends to the north.
Cyber criminals are on the move again and Canada is the preferred relocation haven. Information security firm Websense recently conducted an analysis of Canada's cyber security risk profile and all trends pointed to Canada as the new launch pad for cyber criminals.
IP addresses in China and Eastern Europe are highly scrutinized and undergoing intense evaluation. Hackers react by moving their networks to countries like Canada that have cleaner cyber reputations.
"More malicious content is being hosted in Canada than ever before," said Patrik Runald, senior manager of Security Research for Websense, in a statement. "Cyber criminals are taking advantage of Canada's clean cyber reputation, and moving shop. We're seeing all time highs for both hosted phishing sites and bot networks. It is important for Canadian citizens to be extra vigilant on the Internet, taking extra precautions when clicking on links."
Canada saw a huge increase in the number of servers hosting phishing sites, jumping 319 percent in the last year. This tremendous increase over the last 12 months is second only to Egypt in terms of the growth of sites hosting phishing. The U.S. is still No.1 followed by Canada, Egypt, Germany and the UK.
Cyber criminals are moving their command and control centers to safer grounds. In the past eight months, Canada witnessed a 53 percent increase in bot networks. Canada is the only country that showed an increase in bot networks over the last eight months, when compared to the countries above.
In 2010, Canada was No. 13 in the world for hosting cyber crime, and in 2011 Canada jumped to No. 6. The U.S. was No. 1 followed by Below is the breakdown:
Tips for protecting your businesses
Protect outbound and inbound channels - In today's borderless enterprise, it's not enough to defend against real-time threats coming from outside your perimeter (a quaint concept in today's mobile world). An effective solution must prevent modern malware and provide visibility and control of corporate information both coming in and going out of an organization. Implement a technology that can inspect and control content over the Web and email, your two primary communication channels. According to Websense research, data loss via the Web is four times more likely than email.
Understand what data is important to you and how you want to protect it - Understand what is important for your business, and what damage it would cause if it went missing. Implement an effective data loss prevention (DLP) solution, so even if the bad guys get in, that doesn't mean they can walk out with your data.
Make sure your enterprise is content-aware and content-secure - Blended and data stealing attacks are on the rise. Content security is crucial for defending against modern threats, which often bypass traditional perimeter and endpoint security. Enterprises today need a security solution that can identify, classify, and understand content on the fly, wherever it travels. This helps protect it from attack, theft, and misuse.