As the internet continues to evolve with dizzying speed, cyber threats are evolving along with it. Take the sudden, large-scale shift to remote work in the early days of the pandemic. As IT departments scrambled to get their employees set up to work from home, malicious actors saw a golden opportunity to find new vulnerabilities to exploit. And exploit they did, targeting remote workers with a spate of new attacks, including COVID-related phishing scams, ransomware attacks and malicious Zoom-lookalike domains.
Here at CIRA, improving the internet’s security and resiliency is an important part of our mandate. While we’re best known as the national not-for-profit that manages the .CA domain on behalf of all Canadians, we also develop and offer a range of cybersecurity and domain name system (DNS) services to help achieve a trusted internet for Canadians. Our Anycast DNS service helps protect one third of all top-level domains on the internet, while our cybersecurity services, such as CIRA Canadian Shield and CIRA DNS Firewall, protect millions of users within Canada.
At the end of last year, we decided to take a look under the hood of CIRA’s DNS Firewall service. If you’re not familiar with it, the service analyzes and monitors DNS traffic for hundreds of organizations across the country, protecting their networks, devices and employees from the growing list of cyber threats by ensuring that requests to malicious sites or unwanted content are blocked. The service protects over 3.1 million users across a variety of sectors, including municipalities, health care, financial services, higher education, K-12 schools, and organizations connected to CANARIE and its provincial and territorial partners in the National Research and Education Network (NREN).
By examining traffic patterns and requests to connect to malicious sites, CIRA can track known threats, assess new ones and develop strategies to mitigate emerging risks in networks across the country.
Our analysis of DNS Firewall data in Q4 of 2021 looked at blocked domain requests for over 600 organizations from September 15 2021 through January 15, 2022. In our quest to advance the national conversation about cybersecurity, CIRA is pleased to share key insights into the threats that organizations across the country are facing.