Cyber security has become indispensable with the world progressing to IoT (Internet of Things) devices. Hacking these devices can provide access to entire business networks that contain all kinds of data records. These may include data from the defense and military sectors as well.
Cyber attacks can cause irreparable material loss and compromise critical customer data such as bank and investment records leading to fraud and identity theft. Although the world is migrating to cloud architectures such as Microsoft and Amazon, no storage system is free of risks, especially cyber attacks. Thus, customers must be vigilant when trusting any third party with sensitive data.
This article aims to provide some insight into the cybercrime situation in Canada and where it stands globally in its ability to combat cyber attacks.
What You Will Find in this Article
- Where Does Canada Rank in Cyber Security?
- What are the Most Common Cybercrimes in Canada?
- Phishing Emails
- Data Breaching
- How Much Cybercrime is There in Canada?
- State of Cybercrime During the Global Pandemic.
- Is Cybercrime Increasing in Canada?
- Cybercrime and Newer Technologies
- Which Type of Canadians is Most Prone to Cyber-Attacks?
- Impact of Cybercrime on Businesses.
- What Measures Can Be Taken to Avoid Cyber Attacks?
- Avoiding Fake Websites
- Scam Mobile Networks
- According to a survey by Made in CA covering 75 countries, Canada was the 13th safest country regarding cybercrime.
- According to Statista, between 2014 and 2021, police reported that cybercrime in Canada had increased almost 3.5 times.
- According to the 2020 Cyberthreat Defence Report, 80% of Canadian companies have experienced a successful cyber attack within a span of one year.
- As per the Canadian anti-fraud center, in 2021, Canadian citizens lost $230 million in online fraud cases.
- The most common form of fraud was in the investment sector, which cost around $70 million.
- TechTarget highlights that in the first quarter of 2020, 66% of phishing attacks overall targeted Canadian users.
- At the beginning of 2022, 60% of Canadian organizations were victims of ransomware attacks. In the third quarter of 2022, 650 thousand business records were lost.
- CCTX quoted from an IBM research in 2020 that the total losses owing to a data breach for Canadian companies were $4.5 million (USD).
- According to Made in CA, 34% of Canadians suffered phishing attacks, and 14% received emails that were apparently covid related.
- Based on Cision Newswire, only 50% of Canadians use anti-virus software, whereas only 49% use layered authentication methods to verify their data.
- According to the same source, 34% of the 18-34 age group have an up-to-date anti-virus software installed on their devices. Only 35% regularly update or change their passwords.
- 45% of the older generation aged 35 – 54 has an up-to-date anti-virus system installed. Among 55+ years, this percentage is 67%.
Where does Canada rank in cyber security?
Made in CA is an organization that supports the products and services of small (local) businesses in Canada. They also emphasize the impact of these businesses on the economy and aim to market the services that have the potential to satisfy customers country-wide.
According to an article on Made in CA’s website, Canada has a good cyber security score as it is among the top 15 out of 75 countries that were surveyed. This data is from 2020 to 2021.
A cyber security score shows how well a country can counter cyber attacks. It also shows how equipped a country is to withstand attacks and whether they can repulse their rising frequency.
What are the most common cybercrimes in Canada?
Cybercrime is undoubtedly on the rise and has significantly increased after the global pandemic. The Government of Canada entrusted the Canadian Centre for Cyber Security to conduct the National Cyber Threat Assessment 2023-2024.
Comparitech is a research company that aims to provide tools and techniques to improve cyber security and online privacy.
An article published by a VPN and cybersecurity expert on their website claims that Canada considers cybersecurity their top priority. It states that some of the most common cybercrimes in Canada include:
- Phishing Attacks
- Data Breaches
Statista is one of the top organizations for providing reliable statistics across more than 170 industries worldwide.
One of their posts mentions fraud as the most common of all cybercrimes in Canada.
Cyber harassment and online threats were also common.
In 2021, there were 33,689 fraud cases in Canada, a significant increase of around 13% from the figure in the previous year (29,782).
In accordance with the Canadian anti-fraud center, in 2021, Canadian citizens lost around $230 million in online fraud cases where they were trapped or coerced into transferring their assets to a so-called ‘reliable’ party. The most common form of fraud was in the investment sector, which cost around $70 million. It is critical to note that most fraud occurs during transactions of cryptocurrencies.
Phishing, too, begins with fraudulent emails. This is when a user accesses any links or attachments in a legitimate-looking email and ends up compromising their connection data. This leads to identity theft and the loss of personal data integrity.
TechTarget highlights some noteworthy statistics from the RSA Quarterly Fraud Report. In the first quarter of 2020, 66% of phishing attacks targeted Canadian users.
Ransomware evolves by the day, and unfortunately, it is beyond our technical scope to predict the next type of attack.
At the beginning of 2022, 60% of Canadian organizations were victims of ransomware attacks. In the third quarter of 2022, 650 thousand business records were lost. Although this is a decrease of nearly ten times from the last year, the figures prove that ransomware is one of the most prevalent forms of cyber attacks on Canadian organizations.
According to a CyberEdge report quoted by Made in CA, 72% of Canadian companies faced ransomware attacks in 2020. However, this figure fell to 61.2% the following year, thereby improving Canada’s security ranking.
65% of such companies are expecting such attacks in the future. Canadian organizations have already lost $2 million to the damages cost by ransomware.
As per data from Statistics Canada, one out of ten organizations was affected by ransomware. 11% of Canadian businesses impacted by cyber-attacks faced ransomware. 82% of them did not pay the ransom, whereas 18% did.
Thus, security organizations must devise a solution to the increasing number of attacks since the losses involved are irretrievable too often.
IT World Canada is a content marketing and digital media service company that is privately owned. They also impart exclusive marketing strategies and quality journalism services. In a release, they state ransomware to be the most damaging form of cybercrime. Cybercriminals will continue to advance in this niche while consistently increasing their profits with no cap to it.
Additionally, data breaching is a key concern for Canadian security and business organizations. After the United States and the Middle East, Canada is number three in terms of material losses. In 2022, Canadian organizations lost about 5.6 million U.S. dollars to security breaches.
Based on figures published by Made in CA, the average losses that Canadian companies face due to a security breach are around 5.4 million dollars in 2021.
However, it is important to note that 42% of data breaches are by hackers and malicious software, while 35% were from system glitches and 23% were a result of human errors.
CCTX is a platform where different Canadian organizations collaborate to improve the overall security of company data and reduce the overall frequency of cyber attacks by taking the appropriate preventative measures.
CCTX provides a list of cyber facts that include the common cyber attacks companies face. They quoted from an IBM research in 2020 that the total losses owing to a data breach for Canadian companies were $4.5 million (USD).
How much cybercrime is there in Canada?
Based on data from Statista, there were 70,288 cybercrime cases reported to the police by Canadian organizations in 2021. Among these, fraud crimes were the highest.
The figures on cybercrime vary across most Canadian regions; some of the trends observed are quoted below (note that the cybercrime rate is the rate per 100,000 population).
Also, for comparative purposes, according to data from AAG IT about the total number of cybercrime cases in Canada 2021 and the total Canadian population, the overall rate of cybercrime in Canada per 100,000 people is 183.
- Nova Scotia: The number of cybercrime incidents in 2021 was 2,748. The rate of cybercrime was 277.
- Ontario: The number of cybercrime incidents in 2021 was 28,540. The rate of cybercrime was 193.2.
- Alberta: The number of cybercrime incidents in 2021 was 8,464. The rate of cybercrime was 190.
State of Cybercrime During the Global Pandemic
Made in CA quotes a few statistics on the state of cybercrime in Canada around the time of the global pandemic. Inevitably, most of the world shifted online as many important services began to operate from home/online. According to Statistics Canada, in the first six months after the announcement of the global pandemic, 42% of Canadian citizens fell victim to some form of cybercrime.
As time progressed, these numbers increased drastically as heavy data and currency transactions were conducted online. Malware, hacking, fraud, and ransomware were the most commonly observed crimes, and 36% of the reported crimes involved the loss of money/data.
Similarly, phishing attacks in the form of legitimate-looking emails were primarily on the rise because of the level of trust people had begun to develop for online services. It became fairly easy to deceive customers by sending them promotional emails under the names of famous brands or companies. 34% of Canadians suffered these attacks, and 14% received emails that were covid related but were obviously fake (this figure applies only to the first six months of the pandemic).
Statistics Canada is Canada’s central statistical office that provides awareness to Canadians about their population, resources, and economy. According to one of their releases, in 2021, a little under one-fifth (18%) of businesses fell victim to some form of cyber attack. Some of them, with respect to size, are as follows:
- Small Businesses: 16%
- Medium Businesses: 25%
- Large Businesses: 37%
Behind many of the cyber threat instances were the following motives:
- Ransom: 7%
- Personal Information Theft: 6%
- Unclear motive: 39%
Is cybercrime increasing in Canada?
According to Statista, between 2014 and 2021, police reported cybercrime had increased by almost 3.5 times.
They also presented a chart that contains the number of different crimes reported from 2014 to 2021. The figure below shows a contrast in the type of crime with its frequency in 2020 and 2021.
In 2014, there were around 15,184 cyberattacks reported to the police. Comparing this with the figure it was in 2021 (70,288), cybercrime is undoubtedly increasing at an alarming rate.
According to the figure above, the cyber threats mentioned are increasing. With greater access to the internet and unsupervised browsing, unfortunately, children are increasingly becoming victims of cyberbullying, online threats, etc.
Cyber Crime and Newer Technologies
It is no secret that the digital world is evolving, and newer devices and innovative technologies will continue to emerge by the day. A typical example is the automation of different business affairs using machine learning. Cybercriminals can easily exploit all businesses/individuals using this technology and can exert complete control over critical database systems. Similarly, quantum computers severely compromise the confidentiality of any individual’s private credentials. Despite the number of encryption algorithms applied, data transferred over quantum networks can easily be decrypted and misused.
Which type of Canadians is most prone to cyber-attacks?
Cision is a notable news and press release platform based in Canada. They provide up-to-date news insights according to their audiences’ demands.
According to one of their news releases published on September 27, 2022, an RBC (Royal Bank of Canada) poll indicates that 71% of Canadians are now aware of cyberattacks. However, 47% worry that they will fall victim to such attacks in the following year.
Those who do not take the specified preventative measures to avoid cyber-attacks are usually the ones who fall victim to them.
- Firstly, only 50% of Canadians use anti-virus software. For the rest, this is equivalent to inviting malware to damage one’s data integrity.
- 49% use layered authentication methods to verify their data. This is an alarming percentage as, in today’s age, it is relatively easy to guess or crack a password. Thus, to reduce the threat to one’s private information, it is essential that one use multiple verification methods when entering sensitive data online.
- Surprisingly, as aware as the younger generation is of the risks of data breaches, they are less likely to take any action to prevent it. 34% of the 18 – 34 age group have an up-to-date anti-virus software installed on their devices. Only 35% regularly update or change their passwords.
- On the other hand, the older generation, within the range of 35 – 54 years or 55+, mostly has an up-to-date anti-virus system or firewalls (either hardware or software) installed. The percentages are 45% and 67%, respectively. Additionally, people within this group are much more likely to regularly update their passwords (50% and 51%, respectively).
- CityNews 660 published an article on 27th September 2022, where they mention the same statistics about the age groups who are knowledgeable about cyber attacks and how many of them take preventative measures.
Impact of Cybercrimes on Businesses
Statistics Canada states some of the cybercrimes that Canadian businesses faced around 2021. In 2021, 18% of businesses were impacted, whereas, in 2019, 21% were affected.
The most common crimes observed in 2021 were the following:
- Theft and ransom (7%)
- Loss of personal/financial data (6%)
- No clear motive (39%)
The perpetrators in most cases were as follows:
- External parties (61%)
- Unidentified perpetrator (38%)
- Internal parties (5%)
- Third parties, usually suppliers or customers (6%)
The impacts of cyber crime are mostly financial losses. Thus, businesses, regardless of size, tend to shape their policies in order to recover from these losses. Businesses began to spend huge sums towards the detection or prevention of cyber attacks. In 2021, businesses spent $9.7 billion in such facilities, which is an increase of $2.8 billion from 2019. Businesses that were impacted spent more than those that were not.
Apart from investing in such services, another observation was that businesses were more aware of the types of cyber attacks and were more likely to identify and report them. Also, the number of cybersecurity professionals increased.
According to the 2020 Cyberthreat Defence Report, 80% of Canadian companies had experienced a successful cyber attack within a span of one year. Some important statistics on these attacks are as follows:
- 4 out of 5 companies had experienced at least one successful cyber attack. One-third of such companies suffered 6 or more attacks.
- API gateways and web application firewalls were some of the most sought-after apps among security products.
- Although many IT companies are migrating to cloud-based storage systems, data handling is never devoid of risks. One of the most commonly observed of these risks was the loss of data or identity theft, mainly as a result of hackers being able to bypass security interfaces.
The Globe and Mail is one of Canada’s leading news and mail companies. In an article, they mention that apart from financial losses, companies lose many loyal customers as after ransomware attacks. This is because it is unnerving for customers to learn that their data has been compromised, thus weakening the level of trust in these organizations.
Measures to Avoid Cyber Attacks.
The Government of Canada provides a list of cautionary measures one should consider when conducting business online.
Some of the things one should keep in mind are:
- No other third party can ensure a Canadian visa apart from the Canadian visa officers, consulates, or officers at the embassy.
- Processing fees for various services are all the same. No external party should be charging extra for any of the services one may require.
- Jobs with unusually high salaries should be cross-checked and verified before one applies to them.
Avoiding Fake Websites
In the current time, it is quite simple to imitate a professional website to lure customers and coerce them into depositing money on these web pages. To identify such websites, one must keep the following in mind:
- Websites that offer special incentives to people who wish to move abroad by promising a faster immigration process or making promises of this sort are fake and not to be accessed. Hackers behind such websites are after users’ personal information and eventually steal their money through such sales promotions.
- Similarly, one should ensure that a security protocol is enabled on their browser when surfing on the internet. This can be either an SSL (Secure Sockets Layer) or TLS (Transport Layer Security) protocol that encrypts a user’s information over the internet and ensures a safe exchange of data.
- Emails from strangers or promotional letters from companies whose services you did not subscribe to are potential phishing emails and are, therefore, to be avoided.
Scam Mobile Networks
People are often scammed through phone calls as well. These calls tend to be service oriented, for example, pretending to be from the bank to retrieve credit/debit card information. It is imperative to note that no service will ever require you to pay over a phone call. Thus users should ignore such calls in the first place.
In another release, the Government of Canada mentions a few ways one can identify a fraud or scam case. For example, text messages that claim to be from Canada’s revenue agency, service Canada, citizenship centers, and border services. These scams can take the form of phone calls, emails, text messages, e-payment scams, and even Covid-19 scams.
Avoiding Public Wi-Fi and Using VPNs
Cision, in a news release, mentions a few pointers on preventing threats to an individual’s cyber security. It states that you should avoid public Wi-Fi networks at all costs as it is equivalent to voluntarily giving away private information. Surveillance cameras in public spaces, or even people looking over one’s shoulder, pose a risk to data security. If absolutely necessary, one should use a VPN while entering sensitive data onto websites over public networks.
Cybercrime had always been increasing at a very minimal rate as more people gain internet access by the day. However, a spark in cyber crimes has been observed since the global pandemic. As many services are now offered online, people have begun to conduct most of their daily affairs over the internet, whether it is online shopping or digital banking.
Unfortunately, with each passing day, newer versions of malware and ransomware emerge, and there are no pre-existing security tools to counter the threat they pose to a standalone user or more extensive server networks. Thus, it is essential that users are cautious when using the internet, especially when exchanging personal information. Also, the Canadian government greatly encourages its citizens to report any form of cyberthreat or cybercrime to the Canadian Anti-Fraud Centre or their local police station.