Yesterday, Websense released its third annual Canadian Cybercrime Report Card, and the findings are not encouraging. Cyber-criminal activity is on the rise in Canada and it’s becoming more sophisticated.
Let’s be clear about one thing – the Websense report does not refer to .CA. It is referring to websites hosted in Canada. As the registry for the .CA top-level domain, security is our top priority at CIRA. The brand values for .CA we promote – safe, secure, trusted – are words we live by every day. And we work hard to ensure the safety and security of .CA.
Websense’s report raises a number of troubling points. Canada now ranks tenth in the world for websites hosting malware (that’s up 25 per cent over last year). There is good news, sort of. There has been a 67 per cent decrease in phishing sites hosted in Canada in the past year. Unfortunately, even with this decrease, we still rank tenth in the world. Most disturbing is the fact that there has been an 83 per cent increase in hosting advanced malware. This advanced malware is highly sophisticated and is used to target and steal corporate data.
Why has Canada become a destination for malware hosting?
The authors of the report posit that the bad actors, those that are creating the malware, do not want their malicious plans to be predictable (like they would be if they were hosted in Russia of China). Rather, Canada is considered safe and therefore trusted. Their success rates are higher if the malware originates from a trusted server in Canada than in other parts of the world.
You can access the full report here (PDF).
What does the report mean for us who live and breathe in the Internet ecosystem? Canada is not immune to malicious activity online. In fact, Canada is increasingly becoming a host for malware. While I am less than pleased that so much criminal activity is hosted within our own borders, what bothers me the most is the fact that some bad actors are taking advantage of our reputation as a safe place to host websites
Clearly, we all need to do more. The security of the Internet is the responsibility of those who use it just as much as it is for governments, registries like CIRA, and other Internet stakeholders.
Make sure your anti-virus software on your computer is up-to-date. Always install operating system updates. Don’t open attachments in emails if you don’t know the sender. For more tips on how to stay safe online, check out these tip- sheets we developed with the Ottawa-based MediaSmarts.
At CIRA, we will continue to ensure .CA remains one of the safest top-level domains in the world. That work includes partnering with other organizations (like we did with the DNSChanger virus) and implementing measures to make the .CA registry even more secure.