COVID-19: Is Coronavirus Leaving Canada's Back Door Open to Cyberattacks? Canadian Ethical Hackers Cite Australian Cyberattack as an Early Warning

TORONTO, June 23, 2020 /CNW/ - With the bulk of Canadian Government resources focussed on addressing the COVID crisis, Canada may be unintentionally leaving the back door open to serious state-sponsored cyberattacks. According to Richard Rogerson, Managing Partner of Packetlabs, a collective of ethical hackers specializing in real-world simulated cyber-attacks to protect governments, businesses and organizations, the real danger of cyberattacks has increased exponentially due to remote working during COVID-19.

"We just saw a very serious, active cautionary tale play out in Australia after they announced a massive and successful cyber-attack last week," said Rogerson. "Australia was targeted by a state-sponsored cyber-attack across several industries and all levels of Government. In the wake of the attack, the Australian PM urged businesses to shore their defences, stating that the "malicious activity" was also seen globally. Canada clearly needs to take that warning seriously and get our house in order."

According to Rogerson, the unsettling truth is that COVID-19 has forced several companies to cut corners for quick remote access and opened exposure to insecure applications that often make use of weak credentials. This gives a tempting opening for cyberattacks.

Packetlabs is sounding an early warning, hoping that the Canadian Government and businesses step up to reduce the risk of a successful cyberattack.

What Canada and Canadian businesses can do now:

1) Consider themselves a target (even if they are far removed from the Government or sensitive information)
Canadian steel manufacturers are an example as they are in the supply chain for the production of controlled goods. If they are compromised by a cyberattack, there could be an impact on operations that would cause a financial impact to their business, and ultimately to Canadian defence capabilities.

2) Actively test weaknesses and schedule a penetration test:
Similar to a fire drill, governments and companies need to explore their businesses from an attacker's perspective. Unfortunately, not all industries take cybersecurity seriously because they feel they do not have sensitive information or mandated requirements for testing.

A penetration test is basically a cybersecurity fire drill. Generally, Packetlabs run such assessments blind, meaning that limited staff (CISOs, CIOs, VPs) know that an attack is coming to monitor and assess their incident response efforts.

3) Don't assume your IT guy is on top of it:
According to Rogerson, managed service providers / IT Service providers and companies throughout the supply chain end up being the weakest links, they enable remote access to 20-30 targets at a time. "Most manufacturing environments are internet-connected and make use of weak/default credentials," added Rogerson. "Some still use seriously outdated legacy operating systems including Windows XP."

4) Educate your staff about phishing:
A lack of internal network segmentation enables an attacker who compromises a business using targeted phishing attacks to move throughout the environment without any additional security layers. "Within our phishing campaigns, we typically have a 15-20% submission rate often leading to remote access," added Rogerson. "We've even had administrators fall victim to phishing campaigns which enabled the compromise of their business within 1-2 hours."

5) Embrace two factor authentication:
According to Rogerson, Packetlabs can obtain administrative privileges over an entire network within two weeks on nearly all the attacks they perform. What many businesses use is single-factor authentication, traditionally a simple username and password. Single factor authentication is easy to guess and/or steal through phishing or other means.

"Our job is to make the attacker's job more difficult," added Rogerson. "We work to isolate outdated legacy applications, find all missing critical security patches, and provide recommendations to improve overall security."

Rogerson points out that the easiest way for Governments and businesses to protect against a cyberattack is to keep their computer systems up to date with easily available security patches. Australian authorities have identified their attacks as being 'copy-paste compromises,' meaning that the attacks took advantage of programs in the public domain. This also shows that because commonly available programs can be compromised for a major cyberattack, the attackers don't even need the persistence or funding of a state actor to be successful.

"The Canadian Government and Canadian businesses need to get serious about their cybersecurity, or we could see a real shutdown through weak remote worker systems, phishing, copy-paste compromises or other proven tactics. The good news is that if we learn from the Australia attack, we can start plugging the holes in our systems today."

About Packetlabs
Packetlabs are a collective of ethical hackers specializing in real-world simulated cyber-attacks to protect organizations. They offer a variety of services including infrastructure penetration testing, web and mobile application testing, social engineering, red team exercises, source-code reviews and exploit development all to help clients protect their data and customers.

Their clients occupy multiple industries including government, technology, media, retail, healthcare, financial, consulting, law enforcement, and more. Packetlabs mandates each of their consultants with the most advanced penetration testing training available in the industry.

SOURCE Packetlabs

Patrick McCaully, Pointman News Creation, [email protected]