The man in charge of protecting Canadians from malicious hackers says it is vital for Canada and the United States to keep working closely together on cybersecurity.
Thank you for reading this post, don't forget to subscribe!Sami Khoury, the head of the Canadian Centre for Cyber Security, was in Washington, D.C., this week for an international cybersecurity summit and meetings with U.S. counterparts.
Khoury said the two countries have become essential partners in fortifying the continent’s cyber defences, a collaboration that he expects will only continue to grow. But in a world of ransomware, foreign interference and hostile nation-states, he said he worries that citizens and businesses alike aren’t taking the danger seriously.
Khoury said the only thing that keeps him up at night is the risk of the cybersecurity centre’s alerts and advice being disregarded, due to cost or apathy.
Reports often show that years-old software vulnerabilities are still being exploited, he said, a sign that computer systems aren’t being updated.
“It’s important that people look at that in a serious manner,” Khoury said in an interview.
WATCH | Danger of ransomware attacks in Canada:Â
Ransomware attacks threaten Canada’s national security, report warns
A report from the Canadian Centre for Cyber Security warns that criminals, often harboured by Russia, are likely to pose a threat to the nation’s security and economy over the next two years and that ransomware attacks now constitute the most disruptive form of cyberattack facing Canada.
“I know that sometimes updating a system can be costly, but the flip side of that is not updating it opens you up to a vulnerability that might cost you more than just updating the system.”
Small and medium-sized businesses are particularly at risk, especially as larger, high-profile companies that operate critical infrastructure gradually fortify their defences.
“They’re small, they’re medium, but they play an important role in society, and it’s important they take cybersecurity seriously,” Khoury said.
“In many cases, these cybercriminals will go wherever they can find an opportunity. And if they see an opportunity in exploiting your networks or your operations, they will not hesitate.”
Shared infrastructure across the border
Khoury spent several days in the U.S. capital, meeting with American counterparts and Canadian Embassy officials, and taking part in the Billington Cybersecurity Summit, a major annual gathering of experts from around the world.
He sat on two panels that were of specific interest to Canada: confronting threats to global supply chains and the growing role of international collaboration when it comes to defending against them.
The deep defence and intelligence ties between Canada and the U.S. go back more than 75 years, but “cyber takes it to a whole new level,” Khoury said.
And given the extent to which critical infrastructure conduits such as pipelines, power lines, transportation corridors and financial exchanges travel across the Canada-U.S. border, closer collaboration and integration only make sense.
“It’s in our collective interests, both on the U.S. side and on the Canadian side, that we line up our cybersecurity effort, so that we are on message when we assess the threat,” Khoury said.
“It’s the same infrastructure on both sides of the border.”
WATCH | 2021 hack shuts down major pipeline:Â
Cyberattack targets major U.S. pipeline
One of the worst cyberattacks on American infrastructure will keep a pipeline from Texas to New Jersey shut down for several days. Officials blame a criminal gang known as DarkSide.
One compelling example of that threat came in May, when agencies from across the Five Eyes intelligence alliance, including the Canadian Centre for Cyber Security, issued a dramatic warning about state-sponsored hackers from China targeting a critical piece of U.S. infrastructure.
The previous month, a leaked trove of Pentagon secrets included reports of hackers based in Russia who had successfully accessed Canada’s natural gas distribution network, although a specific company was not named.
And in 2021, with the world still in the throes of the COVID-19 pandemic, a ransomware attack effectively forced a six-day shutdown of the Colonial pipeline, triggering fuel shortages across the country.
Infrastructure systems have proven popular targets for hackers because of the often profound residual effects such attacks can have, as well as the tactical value of commercial intelligence, Khoury said.
In addition, cybercriminals working on behalf of nation-states are often keen to secure access to such systems not to wreak immediate havoc, but to lie in wait in the event of geopolitical developments that warrant an attack.
“The message has to be repeated,” Khoury said. “We have to constantly push the message out that the threat is real, that companies have to take it seriously, that they have to build resilience and that they have to be vigilant about their networks and their activities.”
