We're a little sunburnt, and the maple leaf tattoo we thought was temporary doesn't seem to want to come off, but since the bad guys never take a vacation, neither do we. Here's a roundup of what you need to know in the world of cybersecurity.

Deloitte sees risk in need to develop Canadian cybersecurity talent

The big headline last week was Canada's inability to create enough cybersecurity talent to fill the demand nationally. How big is the gap? According to Deloitte Canada, more than 5,000 empty cybersecurity seats need to be filled to manage all those SIEM (Security Information and Event Management) platforms across Canada.

Given the rapid growth in cybersecurity investment, we can expect a lot of competition for talent among both service providers and the corporations that use them. Deloitte also surmises that the landscape is changing so rapidly that schools will have a hard time keeping up. If we can't build that talent here, Canadian companies will have to look offshore to solve their problems, which brings a whole other set of problems.

Cyber War – the rhetoric is actually quite scary

The Balsillie School of International Affairs in Waterloo held a conference to discuss, among other things, cyber warfare. According to the discussion, cyberspace is a human-created theater on which society is dependent. Whereas in the past battles took place on land, air and sea for control of resources, future wars will be fought over bits and bytes. Colonel Dave Yarker from the Department of National Defense added that cyberspace must also be defended to mitigate risks to traditional warfare. Interestingly, the lack of human resources in cybersecurity was also raised in this forum, adding more urgency to the findings in the Deloitte Canada report.

More and more surveys – the latest two on SMBs

If there's one thing the cybersecurity industry has in abundance, it's survey data that shows how unprepared we all are. While there is a risk of information overload for decision makers, this Dark Reading article has a nice summary of two of the latest findings. According to a survey from Webroot, phishing is now the number one cyberattack on organizations. As humans in your organization will inevitably make a mistake, it has never been more important to add layers of protection to your network. Moreover, smaller businesses are often targeted by hackers due to their connections with large enterprise customers. This is a challenge as enterprises turn to smaller providers of cloud-based platforms for innovation and a competitive edge. This bottom-up strategy can be costly because, according to this article, a breach for an organization with 500-999 employees can cost up to $1 million in damages.

And finally – the weekly top 10 blocks

To finish off this update, let's take a look at our own DNS blocking data to share some insight. We'll start with a little tidbit that we found curious. We looked at all the HTTP traffic in a market sector (education) and compared it to HTTPS traffic to find that in this sector anywhere from 25 to 50 per cent of all HTTP traffic is going to bad sites. It seems logical that a hacker wouldn't bother to buy an SSL certificate for their domains, but it's an interesting finding nonetheless and perhaps underscores why SSL is important for legitimate sites.

Last week we saw a big drop in the .ru domains in the top 10 list (maybe everyone is busy watching the World Cup). A domain serving up Morto malware took the top spot due to one network that featured a lot of older machines. After that, we see the usual mix of Spybot, Palevo (particularly nasty malware) and malware on the network calling home – one to a randomized domain name likely generated by an algorithm. There are no new or specifically growing trends among the domains and types we are seeing – just the same continuous threat profile.

| Domain | Risk |
|---|---|
| jfrmt.net. | Morto |
| zapto.org. | Spybot |
| ranfla.biz. | Malware |
| patopato.info. | Palevo |
| pixeldgarui.xyz. | Malware Call Home |
| vegasinhand.com. | Malware Call Home |
| 76236osm1.ru. | Trojan downloaders |
| duckdns.org. | jRAT |
| ybosrcqo.us. | WireX |
| e51091eec8b619d50e44c8c29b7a0ee8.com. | Malware Call Home |