In vulnerability, there is oppportunity: Threats to cyber-security in the time of COVID-19

In a time of crisis that affects not only Canada but the world at large, certain individuals and groups have seen this vulnerability as an opportunity for exploitation. In recent weeks, the Communications Security Establishment’s Centre for Cyber Security (the Cyber Centre) has detected and subsequently taken down several websites mimicking those of government departments such as the Public Health Agency of Canada and the Canada Border Services Agency. These websites have attempted to send out phishing emails related to COVID-19 with malicious attachments in an attempt to gain access to people’s personal data, including credit card information. They have also sought to spread misinformation in order to prey on the fears people have towards the virus. Despite the Cyber Centre remaining vigilant and quickly addressing these acts of cyber-criminality, the presence and sophistication of such attacks may continue to grow throughout this pandemic, presenting several concerns for Canada’s economic and human security.

Responding to cyber-threats is nothing new for Canada as there has been a number of high-profile attacks conducted in recent years, including a distributed denial-of-service (DDoS) attack that crashed the websites of the Ottawa Police, the Supreme Court of Canada and the Canadian Parliament. The Ottawa Civic Hospital also experienced a ransomware attack in 2016 that blocked hospital staff from accessing information on 4 of the 9,800 computers on its network. The use of ransomware attacks has been growing in popularity, targeting both businesses and personal computers for the purpose of forcing users to pay to retrieve access to their files, despite no promise of access ever being granted. While the scale and consequences of these attacks and the events mentioned above have been minimal, COVID-19 has created an online landscape far more vulnerable to cyber-exploitation.

This is demonstrated by the mass amount of people across all sectors being forced to work from home to mitigate the spread of the virus. As these numbers rise, so does the reliance on less-secure computing to ensure that businesses remain afloat and government continues to function as seamlessly as possible. While already struggling heavily due to the economic ramifications brought on by this virus, many small businesses would be unable to recover if subjected to ransomware in this time of struggle. It is estimated small and medium-sized enterprises (SMEs) employ 90% of Canada’s private sector workforce, contributing significantly to the nation’s GDP. If left to suffer at the hands of this threat, the collapse of SMEs would prove detrimental to the short- and long-term stability of the Canadian economy. 

Warnings have also been issued by the Cyber Centre regarding the state of vulnerability faced by Canada’s healthcare sector, as it is believed that there is now an “elevated level of risk” of cyber-security incidents. With the healthcare system already taxed as it responds to the rising number of cases across the country, a successful cyber-attack whether it be ransomware by a criminal entity or data manipulation on behalf of a foreign state, could lead to a significant loss of life should healthcare professionals be unable to access timely and reliable information on patients. The Cyber Centre has also identified the use of cyber-attacks against medical research as a significant threat, particularly as Canadian researchers work towards finding a vaccine to this virus. Impeding this research and the development only prolongs the devastating effect that this virus has on Canadians and must be countered by any means possible.  

To address the potential increase and significant impact that these threat-actors could have on both Canada’s economic well-being and Canadian lives in the wake of COVID-19, CSE and the Cyber Centre must ensure both proactive and defensive measures are in place. Steps have already been taken to help inform the public on how they can remain cyber-safe during isolation, including providing advice and guidance on how Canadians can protect themselves from phishing attempts.

But in order to mitigate the breadth of concerns brought on by this threat in an already challenging time period, CSE must ensure that the Government of Canada’s networks, particularly those associated with the health sector are well defended from malicious attacks. It must also leverage its existing relationship across government whether it be with law enforcement, security agencies or private sector partnerships to track and disrupt these acts before they result in severe economic damage, or even the loss of life. As the public face of Canada’s cyber-security, the Cyber Centre must work to provide SMEs with the tools and awareness necessary to ensure their cyber-security as they navigate this virus. While short-term economic impacts associated with the virus have been felt by SMEs nationwide, the mitigation of potential cyber-related intrusion on behalf of these threat actors could make a massive difference for the long-term prosperity of these enterprises, and the Canadian economy at large.