Cyber Security During COVID-19
Date: May 27, 2020
Unclassified
Fully releasable (ATIP)? Yes
Branch / Agency: NCSB/PSC
Issue: Malicious actors are seeking to exploit vulnerabilities that have emerged in the wake of the COVID-19 pandemic.
Proposed Response:
- The Government of Canada recognizes that more than ever, secure and reliable connectivity is a necessity for our daily lives and our collective safety and security, underpinning the delivery of things such as health care, financial transactions, safe transportation, and emergency communications.
- Unfortunately, we have seen that malicious actors, such as cyber criminals, are attempting to take advantage of the new environment created by COVID-19 to exploit particular sectors such as health.
- The Government of Canada is continuously monitoring the situation and actively working to detect, deter, disrupt, and prosecute cyber criminals and other malicious actors.
- Since the onset of the COVID-19 crisis, the Government of Canada has continued to engage with Provinces, Territories, Municipalities, and industry in order to protect Canada’s critical infrastructure and the systems that underpin essential services.
- The Government of Canada continues to share advice and guidance for organizations to increase cyber security and prevent compromises.
- For example, the Canadian Radio-television and Telecommunications Commission Spam Reporting Centre has issued safety advice for the public about COVID-19 related scam calls, emails, and texts.
- The Canadian Centre for Cyber Security works to protect and defend the country’s valuable cyber assets. They work side-by-side with the private and public sectors to solve Canada’s most complex cyber issues.
- There is a concerted effort by the Government to identify and take action on potentially malicious or fraudulent websites related to COVID-19.
- Additionally, the Government of Canada has supported the Canadian Internet Registration Authority in the development of the Canadian Shield initiative, a free protected Domain Name Systems service that prevents individuals from connecting to malicious websites that might infect their device, or steal their personal information.
Background:
Attacks on the computer systems that underpin critical infrastructure are a constant concern for businesses, individuals, and governments in Canada. The current COVID-19 crisis makes these concerns even more important.
Threat Environment
The COVID-19 pandemic has underlined the importance of establishing and maintaining effective cyber security practices. Adversaries, both criminal and state, are continuing to use the current situation to exploit, access, and/or extract information to further their agendas and objectives. This tactic is not new as similar galvanizing events, such as elections and terror attacks, have been exploited by malicious actors hoping to capitalize on a target’s susceptibility.
Many countries have noted that malicious actors, including cyber criminals, are capitalizing on the increased reliance on technology for social interaction and work by exploiting technical vulnerabilities and launching additional phishing campaigns and scams.
Targets of Concern
Malicious actors may be more likely to target the health and government sectors with ransomware attacks due to their increased vulnerability during the pandemic and the increased likelihood that affected organizations will pay the ransom to avoid lengthy shut downs of their critical systems and resultant impact on citizens.
Government of Canada Response
Government of Canada organizations are managing this risk. Federal government interventions to protect its computer systems take many forms, including helping to inform potential targets of attacks and helping computer security professionals adopt best practices to prevent and react to such attacks in order to minimize the impact on essential operations.
The Canadian Centre for Cyber Security (CCCS) is working with the private sector to remove fraudulent sites. Thousands of domains containing the keyword COVID-19 have been registered, and it is likely that many of these domains will be used for malicious purposes such as the distribution of malware or to facilitate on-line spoofing of health organizations and Government of Canada domains.
Additionally, the Government supported the Canadian Internet Registration Authority in the development of their Canadian Shield initiative, which was launched in late April. Canadian Shield is a free protected Domain Name Systems (DNS) service that prevents individuals from connecting to malicious websites that might infect their device, or steal their personal information.
In order to protect Canada’s critical infrastructure, the CCCS has continued to engage with provinces, territories, municipalities, and industry since the onset of the COVID-19 crisis. The CCCS continues to share advice and guidance with organizations to increase cyber security and prevent successful compromises.
To combat the increase in scams/phishing referencing COVID-19 benefits, the CCCS is working with other federal departments, including the Royal Canadian Mounted Police (RCMP) and Canadian Radio-television and Telecommunications Commission (CRTC), to detect, deter, and disrupt, cyber incidents. The Canadian Anti-Fraud Centre is also tracking incidences of cybercrimes linked to fraudulent COVID‐19 themed activities. Ransomware attacks are an area of increasing concern, and one in which co-ordination between Five Eyes partners is essential. The RCMP is investigating those responsible and enforcement/disruption action has been taken.
Additionally, the CRTC uses information submitted by Canadians to the Spam Reporting Centre to create a Consumer Advisory warning for Canadians to inform them about COVID-19 related scam calls, emails and text messages and how to report them.
Contacts:
Prepared by: Gregory Bunghardt, A/Manager, National Cyber Security Directorate, 613-990-9608 / 613-558-8231(c)
Approved by: Dominic Rochon, Senior Assistant Deputy Minister, National and Cyber Security Branch, 613-990-4976
- Date modified: