���߲ݴ�ý

“Cybersecurity is a collective responsibility and it only takes one wrong click to become vulnerable to cyber criminals,” said Rajiv Gupta, head of the Canadian Centre for Cybersecurity, in a news release.

This year’s campaign helps individuals understand the threats that exist and shares simple but effective steps everyone should take to be safe online.

Statistics Canada says Canadian businesses have been exposed to risks regarding privacy, data protection and cybersecurity.

In 2023, 16 per cent of Canadian businesses were impacted by cybersecurity incidents, which has actually decreased from 21 per cent in 2019 and 18 per cent in 2021. However, the costs to businesses have increased, with StatCan pointing out that total spending on recovery from cybersecurity incidents doubled in 2023 compared to 2021.

Total spending to recover from cybersecurity incidents reached $1.2 billion in 2023, with a large portion of that coming from businesses, with large businesses accounting for about $500 million of that spending and small- and medium-sized business spending about $300 million.

Total spending on prevention and detection of cybersecurity incidents came in at $11 billion in 2023, up from $9.7 billion two years earlier.

Most common cyberattack methods

StatCan reported the most common methods used for cybersecurity against businesses in Canada by percentage.

In 2023, these were the most common:

• Scams and fraud — 50 per cent
• Identity theft — 31 per cent
• Exploiting software, hardware or network vulnerabilities — 25 per cent
• Password cracking — 22 per cent
• Malicious software (excluding ransomware) — 18 per cent
• Ransomware — 13 per cent

There is a percentage overlap as multiple methods may be used in a single incident.

You can learn more about this issue on the .

Cyberattacks in our communities

Across Metroland’s southern Ontario footprint, we have reported on a number of cybersecurity incidents that have impacted municipalities, businesses and other institutions.

Check them out below.

City of Hamilton

The City of Hamilton has spent $7.4 million, so far, to recover from a February cyberattack that has impacted numerous city services, such as city phone lines, transit operations, building permits, public library services and more.

Nearly $5 million of that total was spent on outside help to contain and recover from the breach.

The has more details on this story.

Law firm

Another story out of Hamilton was about a law firm that was hacked this summer. In this incident, a slain mobster was once a client of this law firm and his personal information, including photocopied images of his driver’s licence and credit card, were posted to the dark web, as well as the personal information of other clients.

The has the full story.

York Region District School Board

The York Region District School Board suffered a cybersecurity incident back in November 2023 that resulted in a network outage and data breach.

This past June, the school board began notifying families of children whose personal data was included in the data breach. No financial information was accessed in the attack, the board said, but families were to receive specific information regarding the data that may have been compromised.

has more information on this issue.

Town of Huntsville

The Town of Huntsville has had to recover from a ransomware attack earlier this year, which was discovered in March.

The attack impacted the town’s computer systems, software and files and made the unavailable.

Even the town’s Algonquin Theatre had to reschedule some shows, as it was unable to process ticket exchanges or refunds.

The has more details on this issue.

Human Rights Legal Support Centre

A cybersecurity incident in late 2023 against the Human Rights Legal Support Centre, a government-funded agency that supports people who are victims of discrimination, may have exposed its clients’ names, addresses, telephone numbers, emails and more.

There has been no indication that the personal information has been misused, but people have been advised to watch for suspicious activity or communications.

The has more details on this issue.

University of Waterloo

The University of Waterloo was hit with a suspected ransomware attack to its online systems in mid-2023.

The university said it was able to interrupt the attack while it was in progress.

The attack compromised an on-premises email server; however, since nearly all the school’s email services are hosted on a cloud-based system, the attack impacted just 12 individuals, none of whom were students.

The RCMP discovered the attack and it’s unclear what the attackers were seeking.

The has more details on this story.

City of Burlington

It took the City of Burlington approximately four years to recover most of the money it lost in an email scam in 2019.

The scam involved a single electronic transfer of $503,000 to a falsified bank account, following a complex phishing email to city staff requesting a change of banking information for an established city vendor.

The has more on this story and how the city got its money back.

Phishing of 407 customers

Highway 407 ETR has issued a warning about scammers sending fake payment requests via text message earlier this year.

The toll highway does use texts to remind customers of outstanding bills. The scam messages are designed to deceive people into clicking a malicious link, which could make them vulnerable to personal data theft.

When the initial story was reported, the toll highway reporting shutting down 25 fraudulent domains (website addresses).

More information on this story is available below.

Top scams of 2023

The Canadian Anti-Fraud Centre, near the end of 2023, issued a list of the top scams of the year, as well as information to help people avoid them.

The list included investment scams, targeted phishing attacks (otherwise known as spear phishing), service scams, romance scams, emergency scams and more.

You can learn more at the link below.

Protecting yourself

has information and resources on how you can protect yourself from these types of cyber scams.

The also provides these types of resources, as well as instructions on what steps you should take if you’ve been a victim of crime.