Focus On

COVID-19 being used as means to spread malicious online content, report says

Wednesday, November 18, 2020 @ 3:18 PM | By Ian Burns


Online actors are using COVID-19-related content as a means of getting people to open malicious links and attachments, according to a federal government agency tasked with monitoring online threats.

The information comes as part of the National Cyber Threat Assessment report from the Canadian Centre for Cyber Security, released Nov. 18. It said COVID-19 lures often attempt to replicate or imitate the branding and style of legitimate organizations, such as international organizations and public health agencies, and state-sponsored cyberthreat actors are likely to continue targeting Canadian intellectual property related to combating COVID-19 in order to support their own domestic public health responses or to profit from its illegal reproduction by their own firms.

“Cybersecurity has never been more important, as more and more of our business and personal activities move online. As this report shows, cyberthreats are becoming more sophisticated, and more far-reaching,” said Defence Minister Harjit Sajjan. “This report helps policymakers, business leaders and individual Canadians increase their online safety in an evolving cyberthreat landscape.”

The centre also identified the commercial sale of cybertools, coupled with a global pool of talent, as resulting in more threat actors and more sophisticated threat activity. Illegal online markets for cybertools and services have also allowed cybercriminals to conduct more complex and sophisticated campaigns, it said.

Cyber centre head Scott Jones said the cyberthreats Canadians face are increasing in severity.

“The conclusions reached in this report show why we must continue to work closely with our allies, and our partners across government and industry to build Canada’s cyber resilience,” he said.

State-sponsored cyberactivity from nations like China, Russia and North Korea are said to pose the greatest strategic threats to Canada and these actors will almost certainly continue to conduct commercial espionage against Canadian businesses, academia and governments as a means of stealing Canadian intellectual property. Ransomware attacks directed against Canada were identified as “almost certainly” continuing to target large enterprises and critical infrastructure providers.

The report was the cyber centre’s second National Cyber Threat Assessment. The first was published in December 2018.

If you have any information, story ideas or news tips for The Lawyer’s Daily please contact Ian Burns at Ian.Burns@lexisnexis.ca or call 905-415-5906.