2018 was a big year for cybersecurity, both good and bad. Here are the highlights.
A lot happened this year in cybersecurity. The good news is that cybersecurity is more mainstream than ever before. The bad news is that the tools and tactics used by hackers are more accessible than ever.
Here are six things we learned about cybersecurity in 2018, with visual aids.
1. Tales from the Crypto: Bitcoin threat emerges
One of the advantages of having access to DNS data for thousands of DNS Firewall customers is our ability to see trends and patterns in the threats they are experiencing. In early 2018, we noticed a 115 times increase in the number of queries from Bitcoin miners. While some Bitcoin miners are legit, hackers are now using this technique to hijack corporate systems to mine cryptocurrency for them.
2. Mind the gap: Are SMBs being left behind?
Cybersecurity is big business but what about small businesses? That’s one of the questions we sought to answer with our Fall 2018 Cybersecurity Survey. For large enterprises, the resources, people, money and tools to protect themselves against hackers are well known. However, for small and medium-sized businesses, resources are far more scarce. For example, we found that while 82 per cent of larger organizations offered cybersecurity training, only 54 per cent of smaller ones did. That is a significant resource gap that small business must overcome.
3. Hack the planet: Cyber attacks intensify.
While it is tempting to declare that 2018 was the year when cyberattacks became ubiquitous, perhaps we just finally started paying attention. Even if we restrict ourselves to only Canadian hacks, the list is pretty long. Here are a few interesting ones that all Canadians heard about in the headlines:
- Simplii/BMO: “This is the first big public bank hack in Canada. Much like any new Batman movie, no matter how awful it is, it gets attention.”
- Unlimited Foods: “This hack took a bite out of a number of prominent Canadian restaurants including Swiss Chalet, Harvey’s and East Side Mario’s. It must have cost them a pretty penne.”
- Marriott: “Though this hack is not Canada exclusive, Canadians shouldn’t sleep on the risk of exposing their data to global corporations. This is a wake up call.”
4. We have a plan! National Cyber Security Strategy announced
Cybersecurity requires vigilance from everyone who runs a network, or anything connected to the internet really. However, one thing lacking up until now was a coordinated strategy from the government. In 2018, we saw a lot of movement on cybersecurity at the federal level. The 2018 budget set aside $500 million over the next five years to battle cybercrime. As part of that commitment, the Canadian Centre for Cyber Security was formally launched in October. Additionally, we saw the federal government table its National Cyber Security Strategy in June which will form the basis of a number of programs and policies going forward.
5. I know what you did last summer: Privacy laws strengthened
The year has been littered with headlines about privacy breaches and abuses of power from some of the world’s most powerful brands (*cough* Facebook). While joining the #DeleteFacebook campaign might be one solution, another great one is having stronger regulations about what these companies can do with your data. Offering similar protections as Europe’s GDPR but with smaller fines, the changes to the Personal Information Protection and Electronic Documents Act (PIPEDA) go a long way to protecting the privacy of Canadians. Expect to see more on this subject in 2019 as many are already calling for the regulations to get even stronger.
6. Hack the vote. Cyberattacks ramp up toward 2019 election
As the 2019 Canadian federal election approaches, attention is already turning to how to prevent interference from foreign hackers. It seems inevitable that the same Russian bot army that (allegedly) swayed the last U.S. election is going to be a factor in Canada. In fact, the federal government has already taken steps to help prevent this scenario with the passing of bill C-76, which some critics claim does not go far enough to protect Canada’s electoral system.