Living in a hyper-connected world brings certain advantages. But with them comes a host of cyber threats that affect increasing numbers of people and businesses every day.
Technology allows Canadians to be more and more connected. Citizens, businesses, organizations and governments are increasingly relying on electronic communications and transactions that offer convenience and efficiency but may also increase the risk of cyber security breaches.
Brent Mizzen, assistant vice-president of underwriting and policy at the Canadian Life and Health Insurance Association (CLHIA), says, “We live and work in a faster-paced environment these days, and one of the themes we hear is that cyber threats are constantly evolving. You may be prepared for one threat today and faced with a different one tomorrow,” he says. “We are also observing an increasing level of sophistication.”
As examples, Mr. Mizzen points to phishing emails, which attempt to obtain sensitive information such as usernames, passwords or financial details, and ransomware, a type of malicious software designed to block access to a computer system until a payment is made. “In the past, it was easier to identify fraudulent messages, but now those emails often look legitimate,” he says.
While cyber attacks are most commonly committed for financial gains, they can also be politically motivated or designed to compromise and embarrass organizations. Along with security threats, Canadians are frequently targeted with false or misleading information.
“Two trends becoming more of an issue for consumers are fake online reviews or endorsements and undisclosed sponsored content on social media,” says John Pecman, Canada’s Commissioner of Competition. “It is crucial that consumers are provided with unbiased, accurate information that allows them to make informed decisions. That’s why the enforcement of deceptive marketing practices cases in the digital economy is a top priority for the Competition Bureau.”
Mr. Pecman believes Canadians need to remain vigilant and question the authenticity of any representations they see online. “It’s easier than ever for scammers to find out information about you via your social media presence and misrepresent themselves as someone who shares common interests and likes,” he explains. “They can then tailor a scam to appeal to you directly, such as asking for donations for a particular cause, sending you information on ‘great deals’ for fashion or home items, or even convincing you to participate in a pyramid scheme or other illegitimate online business ventures.”
He adds that the Competition Bureau regularly issues consumer alerts to ensure that consumers are educated on the various types of scams and know how to recognize them and what to do if they become victims.
Mr. Mizzen says that when potential cyber incidents – such as the presence of malware, viruses or other threats – occur, many organizations receive notifications. Due to the often significant volume of those alerts, it is important to be able to identify those that demand immediate action.
“Since cyber threats cross borders and move from one jurisdiction to another quite quickly, and are constantly evolving – it can be tough to deal with an issue in isolation,” says Mr. Mizzen, who recommends a collaborative approach.
Government, organizations and businesses have to take responsibility for implementing practices and procedures that ensure their and their clients’ information is protected, he says. For instance, cyber security is a priority for the Canadian life and health insurance industry, which protects over 28 million Canadians and makes more than $84-billion a year in benefit payments to residents in Canada. To this end, the industry adopts secure business practices and collaborates on cyber security efforts. In addition, the CHLIA supports promoting awareness of best practices among the general public.
Resources organizations can turn to include: the Canadian Cyber Incidents Response Centre, which focuses on the protection of national critical infrastructure; the Financial Services Information Sharing and Analysis Center, a U.S.-based information-sharing mechanism for information on threats to financial sector subscribers; and the Canadian Cyber Threat Exchange.
Collaboration and timely information-sharing between multiple programs can facilitate a faster and more effective response, says Mr. Mizzen. He also welcomes government action towards improving Canada’s preparedness, such as the recent consultation by Public Safety Canada on cyber security.
Mr. Mizzen sees public awareness and education as key. “Since Canadians are using technology at an earlier age, it makes sense that education should start early,” he says. “If we can embed awareness about the risks and secure practices into our culture and day-to-day habits, we can get the best out of our technology use.”
Use strong passwords
Use different user ID/password combinations for different accounts and avoid writing them down. Change them regularly.
Secure your computer
Activate your firewall, use anti-virus/malware software and block spyware attacks.
Be social media savvy
Make sure your social networking profiles are set to private, and be careful what information you post.
Secure your mobile devices
Your mobile device is vulnerable to viruses and hackers. Download applications from trusted sources.
Install the latest operating system updates
Keep your applications and operating system current.
Protect your data
Use encryption for your most sensitive files and store them securely.
Secure your wireless network
Make sure your home Wi-Fi network is secured, and avoid conducting financial or corporate transactions on public Wi-Fi, a.k.a. “hot spots.”
Avoid being scammed
Think before you click on a link or file of unknown origin. Don’t reply to emails asking for private information, user ID or passwords.
Call the right person for help
If you suspect a computer crime, identity theft or commercial scam, report this to your local police.
For more related to this story visit globeandmail.com