What can we do to combat cyberattacks? A lot.

By: Yasmin Ranade

October 15, 2023

The impact of cyberattacks run the gamut, from disruption to complete shutdown. So, what can we do to combat cyberattacks? We can learn how to protect ourselves and our businesses.

Jon Ferguson, General Manager of Cybersecurity & DNS, CIRA

Jon Ferguson, General Manager of Cybersecurity & DNSat the Canadian Internet Registration Authority (CIRA) discussed with me impacts of cyberattacks, recommendations for Canadian organizations to increase their cybersecurity, and steps Canadians can take to protect themselves from cyberattacks.

First, I asked Ferguson to elaborate on the development and importance of cybersecurity at CIRA to which Ferguson responded, “I lead CIRA’s Cybersecurity & DNS services unit, which plays a key role in our overall mission to build a trusted internet in Canada. Our cybersecurity services emerged from CIRA’s experience building global, resilient, and secure infrastructure that keeps over 3 million .CA domains online and secure.”

“The early foray into security for CIRA was focused on taking our technical expertise and doing good with it,” explained Ferguson. “CIRA is known for being the not-for-profit behind the .CA domain, so we have years of knowledge and experience operating a global Domain Name System network (DNS). The DNS provides a critical service in keeping domains and websites available, functional and ensuring Canadians always have access to their favourite .CA. With one third of all Top-Level Domains (TLDs) on the internet leveraging our services, we realized we could channel our knowledge of DNS to provide a safer internet,” said Ferguson.

“This led to the creation of two key DNS services: one is used to make websites available and resilient to certain types of distribution denial-of-service (DDOS( attacks, and the other blocks malicious websites from being loaded on a user’s device, referred to as protected DNS,” said Ferguson. Over 8 million users in Canada currently leverage this service with about half of those users utilizing our free CIRA Canadian Shield application for their households.”

“In recent years,” added Ferguson, “we have worked to provide a ‘human firewall’ to organizations by delivering Cyber Awareness Training and phishing simulation tools. These services allow organizations to train and test colleagues on their ability to identify risky or suspicious activity and help mitigate threats before they cause damage.”

“Looking to the future, CIRA is continuing to improve its current services and integrate them more deeply with network protection tools like EDR, SIEM and security operations centers,” stated Ferguson. “With the recent release of our off-network protection service for DNS Firewall, CIRA has committed to providing protected DNS directly to individual computers and mobile devices. This capability will also allow us to provide additional endpoint security capabilities and add to the soon-to-be-released security analytics that will accompany our existing solutions. As organizations look towards improving their capabilities to remedy threats and respond to them, we see immense value in integrating the human and network firewalls to drive more directed training and risk reduction strategies.”

Cyberattacks on Canadian organizations

Vulnerability to cyberattacks is now, more than ever, a business priority and so I asked Ferguson about the kinds of attacks that are prevalent and why businesses remain vulnerable.

“Our research shows that data breaches targeting Canadian organizations have nearly doubled since the pandemic and data from our DNS Firewall indicates that malware makes up most of the malicious traffic detected,” responded Ferguson.

“When it comes to cyberattacks, organizations are targets for a variety of reasons,” began Ferguson. “Hackers look for intellectual property to cause disruption or reputational damage for systems and people. These items provide immediate financial benefits or information that can be leveraged in larger coordinated attacks. The reality is that attacks or breaches are not solely intentional but often arise through automated attacks that scan the internet and connected devices looking to exploit a known vulnerability. Unfortunately, this means that cyberattacks can be a result of random bad luck.”

Ferguson went on to add, “One of the most concerning trends has been a persistent focus from attackers on the education, healthcare and critical infrastructure sectors, which hold copious amounts of valuable data and research and/or deliver services critical to the daily lives of citizens.”

“Disrupting power delivery or access to healthcare can destabilize communities and leak information that may be used for more directed attacks,” elaborated Ferguson. “Some of the more public incidents demonstrate why we are so vulnerable. Technology moves quickly and organizations are being pressured to transact more frequently online—all while threat actors are becoming more sophisticated. Systems and knowledge in the workforce are not being maintained at the same rate as change. Insufficient patching of software or replacement of legacy equipment are primary risks that are often the root cause of a breach.”

Actions businesses can take to strengthen their cybersecurity

Cyberattacks can reach Canadian businesses in every way, and they are constantly evolving. So, what can Canadian businesses do to protect themselves?

“It is important to consider that cybersecurity is not a static box to check and that the best defenses against threats have remained consistent,” said Ferguson. “We recommend regular software patching and updates to reduce vulnerabilities, cybersecurity training and awareness. Business continuity planning and implementing backups can go a long way to ensure when an incident occurs, its impacts are minimized, and risks can be identified.”

Added Ferguson, “Whenever an investment is being made to improve the cybersecurity readiness of a business, look to the most effective spending first. There are frameworks that can help businesses orient themselves and benchmark their progress, like the Cybersecurity Maturity Model Certification (CMMC).”

“At CIRA, we emphasize adopting a layered approach to cybersecurity, with each one building off the other,” shared Ferguson. “Regardless of an organization’s size, cyberattacks become serious cyber incidents through one commonality: human error. The first thing Canadian businesses can do is build their human layer by ensuring employees receive regular cybersecurity awareness training. This way, when a phishing scam or other social engineering trick comes through, employees will know not to access it.”

“From our cybersecurity research, we know organizations cite insufficient resources as the number one reason as to why they aren’t improving their cybersecurity posture—whether the resources are financial, human or technological,” remarked Ferguson. “Regardless of available financial and technological resources, one of the biggest barriers facing businesses is the cybersecurity skills talent gap. This is especially difficult for medium to small organizations that continue to compete for talent and might not have the resources to plan for attacks. This trend is exacerbated when you move out of the private sector and into the non-profit and public sector space.”

“At CIRA, we have seen a lot of success in an industry sector working together to solve shared risks—this allows organizations to pool knowledge resources, procure software in bulk and work a larger problem set than any one organization could work alone. This type of security through community can also be achieved through partnering with managed security service providers who provide their specialized skills to many customers.”

“We would also encourage Canadians to look into services provided to them free of charge.  The Canadian Centre for Cybersecurity produces a lot of information and assistance related to cyber threats, groups like Media Smarts provide great content on digital literacy and at CIRA we provide the free Canadian Shield application for home users to block malicious traffic on their devices.”

Cybersecurity awareness and action falls on all of us

“At CIRA, we continue to emphasize that cybersecurity is a team sport. Every single Canadian – whether they are acting as the government, private sector, civil society, or as individuals—has a role to play,” stated Ferguson.

“When it comes to individuals and households, their best first defense is knowledge. Knowledge is power and people are the most powerful defense. The Canadian Centre for Cyber Security offers several free resources and tools to help Canadians stay up-to-date about threats they may face and best practices to prepare themselves.”

“As a non-profit, we also offer a free service called CIRA Canadian Shield. It is enterprise-grade protected DNS software that you can download on your phone, enable in your browser, or configure on your home Wi-Fi. Protections like CIRA Canadian Shield provide a great layer of outer defense, so if an individual accidentally clicks on something malicious, their computer is prevented from making the malicious connection.”


More on Cybersecurity

Leave a Reply

Your email address will not be published. Required fields are marked *