O Canada! Our home and malicious land?
Three years ago, when we first looked at the state of cybercriminal activity in Canada, we were a bit surprised to find ourselves in the top 10 for the cybercrime trio of hosting malware, phishing sites and botnet command and control centers. Cybercriminals were taking advantage of our welcoming Canadian nature and our reputation.
Since the inaugural report in 2011, we have seen ongoing increases (see 2012 figures) in all of the major cybercrime activities. In addition, this year’s research revealed some surprises.
This year’s story isn’t just about escalating figures, though. When conducting this year’s research, we encountered some pretty serious and world-impacting ramifications from the abuse of Canada’s trusted status.
The top findings from the report include:
- a 25 percent increase in malware hosting
- an 83 percent increase in botnet command and control hosting
- phishing sites hosted on Canadian servers decreased by 67 percent
- Canada hosts the third largest volume of advanced malware command and control servers
Amazingly, Canadian servers are used as the command and control in a disproportionate volume of advanced malware attacks. By these, we mean the types of malware associated with the most prominent of headline-grabbing corporate espionage and infrastructure attacks. If these attacks aren’t coming from Canadians, then we are seeing foreign cybercriminals setting up virtual bases in Canada to command corporate espionage attacks.
You can download Websense’s third annual Canadian Cybercrime Report Card here. The report outlines some of the metrics and the stories behind the current state of cybercrime in Canada, and where Canada is in the global ranks of top countries hosting cybercriminal activities.
An infographic of the finding can be dowloaded here, or click on the image below.
I am a proud Canadian, and I believe we can no longer continue to allow the exploitation of our infrastructure for criminal means. Hopefully this report can help rally the security community to continue to share information, unite industry, vendor and government to fight the encroachment of cybercrime on our shores.