Canada’s squeaky clean image earned a few smudges recently in a report released by Internet security firm Websense which named the country as now the world’s number two host for phishing sites.
Canada, which was 13th on a list of countries favoured by cyber criminals just last year, is now second only to the United States, according to the report.
“Our Internet monitoring stations registered a 53 per cent increase in botnet activities in the past eight months in Canada,” Patrik Runald, senior manager for Websense’s Security Labs told ITBusiness.ca.
The security expert however, was quick to add that this does not mean cyber crime rings have physically moved their headquarters to Canada.
“A lot of these operations remain based in Eastern European locations such as Russia, Ukraine, the former Czech Republic and then in China,” said Runald. “The attacks are merely being hosted by compromised or hacked machines in Canada.”
Greater government involvement required
Technology-based protection continues to improve but government involvement in the battle against cyber crime is critical, according to Ron Deibert, director of the Internet watchdog organization Citizen Lab based at the Munk Centre for International Studies at the University of Toronto.
“Unfortunately, the Canadian government lags behind other jurisdictions in the development of a comprehensive cyber security strategy,” he told ITBusiness.ca.
Deibert said the problem is not so much the legislation of anti-cyber crime laws but rather the allocation of resources to enforcement agencies. “There are not enough resources and funding to enable law enforcement agencies to do their jobs effectively.”
Added to this, he said, the difficulty of prosecuting criminals whose operations span the globe. In cyber crime, it’s typical that the crime is committed in one country while the perpetrators are located in another country. “There’s little incentive our authorities to run after criminals if they can’t prosecute in Canada.”
Websense’s Top 10 phishing host countries for January to May, 2011:
- United Kingdom
- South Korea
Runald attributed the rising popularity of Canada among cyber crime syndicates to the growing pressure criminal elements are experiencing in their original host countries.
“IP (Internet Protocol) addresses in China and Eastern Europe are highly scrutinized and undergoing intense evaluation. Cyber criminals are on the move again,” he said.
Cyber crime hiding under the Canadian flag?
Essentially, cyber criminals are hiding under the mantle of Canada’s reputation, said Fiaaz Walji, senior director of sales at Websense.
For instance, he said, many anti-malware tools and filters scrutinize Web traffic based on behaviour and reputation. “Traffic coming from previously suspect countries of origins, tend to get flagged,” he said.
Canada, until now, has enjoyed a relatively “clean” reputation, said Walji.
The Websense report indicates several factors that point to a developing trend positioning Canada as an emerging cyber crime breeding ground:
Jump in hosted phishing sites – Canada saw a huge increase in the number of servers hosting phishing sites. The number jumped by as much as 319 per cent in the last year. “The increase over the last 12 months is second only to Egypt in terms of growth of sites hosting malware.”
Increase in botnets – Cyber criminals are moving operations to safer grounds. Canada saw a 53 per cent increase in botnet activities.
Malicious Web sites – There’s a worldwide decline in malicious web sites. However, Websense said, the decline in Canada appears to be much slower compared to the rest of the world.
Overall cyber crime increase – Websense’s recent Threat Report places Canada in the number six position for hosting cyber crime. “But activity in the country continues to rise,” said Runald.
Botnets play a major part in propagating spam and malware, according to Paul Wood, MessageLabs Intelligence senior analyst for Symantec Cloud.
“It’s no secret the major role that botnets play in spamming. In 2010, spam-sending botnets were responsible for as much as 88 per cent of the world’s spam,” he said.
Before its take down by U.S. authorities, the Rustok botnet was responsible for sending approximately 44.1 billion spam emails each day, said Wood. “That made it the single largest spam-sending botnet.”
Untethered workforce new cyber crime target
With the adoption of wireless networks and online collaboration tools in business, today’s remote workers have become very enticing targets for cyber criminals, according to Wood of Symantec.
“Today’s fluid and hyper-connected work environment introduces new challenges to SMBs (small and medium sized businesses) because it becomes more difficult to manage and monitor the activities of a distributed workforce,” he said.
For instance, he said, Symantec Cloud found that downloads (a potential security threat and source of malware) were 5.4 times more likely to be triggered by mobile workers compared to office-based employees.