Over the past few weeks, cybersecurity analysts have observed a significant uptick in cyber attacks and disinformation exploiting peoples' concerns over the spread of COVID-19.
Unfortunately, many of these campaigns leverage the global domain name system (DNS) – including the .CA domain – to deceive and/or harm internet users.
As the stewards of Canada's .CA domain, CIRA takes our role in ensuring the safe, stable and trusted operation of our network very seriously. At no time is this more true than during a global public health crisis like the one we are all experiencing.
.CA domains are one of the most trusted top-level domains in the entire domain ecosystem, reporting some of the lowest percentages of domains used for malicious purposes.
While it is not within CIRA's role or mandate to police the content of websites hosted on .CA domains, we are investigating all "COVID-19" or "coronavirus" related .CA domain registrations to confirm that they are compliant with CIRA’s Canadian Presence Requirements. We are also working with our registrar, cybersecurity, government, and global ccTLD partners to monitor this situation closely.
If you see any domain being used to facilitate cyber attacks such as phishing, malware, ransomware, fraud, or disinformation, you can report them to the following organizations:
In the meantime, we are reviewing our policies and processes to help curb the spread of COVID-19 related cyber attacks and plan to share relevant updates with our community as soon as we can.