Hackers increasingly target Canada key infrastructure: Spy agency | Cybersecurity News


Agency reports 235 ransomware attacks on Canadian targets this year, half of which were key infrastructure providers.

Global ransomware attacks increased by 151 percent in the first half of 2021 compared with 2020, Canada’s signals intelligence agency has reported, as hackers become increasingly brazen.

Key Canadian infrastructure has regularly been targeted in ransomware attacks in which hackers essentially hold computer information hostage until they are paid, the Communications Security Establishment (CSE) said in a report published on Monday.

The agency said it knew of 235 ransomware incidents against Canadian targets from January 1 to November 16 of this year. More than half were critical infrastructure providers, including hospitals.

“Ransomware operators will likely become increasingly aggressive in their targeting, including against critical infrastructure,” said the report issued by the Canadian Centre for Cyber Security, a unit of CSE.

The average total cost of recovery from a ransomware incident more than doubled to $1.8m globally in 2021, the Reuters news agency reported.

CSE reiterated that actors from Russia, China and Iran posed a serious threat to the cyber-infrastructure of countries such as Canada.

“Russian intelligence services and law enforcement almost certainly maintain relationships with cybercriminals, either through association or recruitment, and allow them to operate with near impunity as long as they focus their attacks against targets located outside Russia,” CSE said.

SolarWinds hack anniversary

The Canadian government report came as a US cybersecurity firm warned that attacks by elite Russian state hackers have barely eased up since last year’s massive SolarWinds cyber-espionage campaign targeting US government entities, including the Justice Department, and companies.

On the anniversary of the public disclosure of the SolarWinds intrusions, US cybersecurity firm Mandiant said hackers associated with Russia’s SVR foreign intelligence agency continued to steal data “relevant to Russian interests”.

The hacking campaign was named SolarWinds after the US software company whose product was exploited in the first-stage infection of…

Source…