CIRA Security Workshop highlights major threats to internet

Last week CIRA hosted a cybsersecurity workshop in Toronto.

If there were ever any doubt that cybersecurity is a major concern, a packed room at the CIRA Cybersecurity Workshop last week in Toronto would indicate otherwise.

CIRA hosted the workshop for members who were interested in learning more about rising threats like ransomware, and to provide an overview of some of the ways they can protect themselves.

The discussion began with Vince Mammoliti, from the Toronto Internet Exchange (TorIX), who outlined how the way data flows across the internet is often a threat to privacy and data security.

TorIX is a not-for-profit Internet Exchange Point (IXP) that provides a hub where independent networks can interconnect directly to one another, providing high-bandwidth and low-latency access at a lower cost than traditional transit.

According to Mammoliti, many Canadians are unaware that their data often travels through the U.S. even when it is on its way to another location within Canada.

“To send data to my next door neighbour, it has to go all the way to Chicago and back,” said Mammoliti. “When your traffic goes down south, the NSA can inspect it."

Since 2010, traffic to TorIX has increased 700 percent, and according to Mammoliti, the current political situation in the United States has accelerated the trend.

“As the main dude down south keeps talking, people are moving their data up here.”

While threats from spy agencies may seem more theoretical, the hazards of ransomware carry much greater real-world, and real money, costs.

Adrian Beaudin, from Nominum, a CIRA partner, indicated that ransomware costs for consumers have doubled in the last three years, up to the $600-700 range.

Nominum provides the core technology behind CIRA's D-Zone Firewall, and Beaudin noted that the industry seems to have reached a tipping point of awareness of cybersecurity threats.

Beaudin said that while a major ransomware payment is reported in the media nearly every month, often the smaller, less prominent hacks go unnoticed. "Sometimes it is faster to just pay the ransom," he said.

D-Zone Firewall protects the network by monitoring the DNS, which Beaudin believes is a highly effective place to stop threats.

"DNS, because it is the first step in the three-way handshake, to a connection on the network, is a really efficient place to put a security control," said Beaudin.

According to Beaudin, the popularity of IoT devices, combined with the ubiquity of mobile, are creating an atmosphere where cybersecurity is no longer just an enterprise threat.

"Home baby monitors, I don't have one in the house," said Beaudin.

Finally, CIRA's own Mark Gaudet provided the audience with an overview of the first few months of commercial availability for D-Zone Firewall. If you want to stop reading now, Gaudet summed it up in one sentence: "Malware and ransomware are the new black."

Since its launch in June, CIRA's D-Zone Firewall has signed on dozens of customers, primarily among school boards, colleges and universities, and municipalities. The pattern being seen over and over is the threat posed by ransomware, which represents a significant chunk of the threats blocked by D-Zone Firewall.

Over one 24-hour period, more than 212,000 phishing domains were blocked, and the suspicious sites aren't always shadowy third-party domains. A healthcare customer found that upon switching on D-Zone Firewall their own website was blocked--and not by accident. It turns out it had been compromised by hackers. It was only one example of how easily an organization's network can become compromised. It is also why any blocking service needs to be looking at all web properties and actively managed in real time.

"At a school board, one of the first calls we got when they turned it on was from someone who was trying to get to a website that she downloads educational material from, Said Gaudet. “It turns out that the site was compromised and was distributing malware."

The security workshop is only one element of CIRA's commitment to building a better online Canada. After all, the internet isn't very helpful if it's full of malware. Providing members with the information and tactics they can use to keep their networks and data safe is critical to ensuring they can use the internet to its full potential.

If you're interested in finding out when CIRA will be on the road next, visit our event page.

Blog navigation