Social Media Center

Last week, Patrik Runald joined CBC’s Lang & O’Leary Exchange to discuss the recent surge in Canadian cybercrime. In the segment, Runald answers a series of questions on why this escalation is happening. He explains how the increase is not an accident, but rather a calculated, organized move. To avoid the severe scrutiny of security software that IP addresses in China and Eastern Europe experience, cybercriminals are moving their networks to countries like Canada that have better cyber reputations. Canadian infrastructure is being used to attack users worldwide. As a result, in the past year alone, Canada has seen a 319 percent jump in servers hosting phishing sites, a 53 percent increase in bot networks, and is now number six in the world for hosting cybercrime.

The numbers are continuously rising, and attacks are growing increasingly more advanced. Read more about the threats here. Watch the full interview here.

The Canadian Press just published a new article highlighting a recent Websense® report on cyber security in Canada. According to the report, Canada has become a hotbed for cybercrime as hackers move away from servers in China and Eastern Europe. Canada is now second on the list of countries hosting the most phishing sites, in addition to becoming sixth worst on Websense’s overall list for hosting all cybercrime attacks (as opposed to 13^th from last year).

"That doesn't mean the bad guys are in Canada, it doesn't mean the affected users are in Canada, but it means the Canadian infrastructure is being used to attack against someone in the world.” –Patrik Runald, Websense senior manager of security research

Basic precautions cannot prevent the harmful effects of attacks on this scale: most of the time network administrators can’t even tell that there’s malicious content hiding on their servers. The Canadian Press article calls attention to the Websense Security Labs™2010 Threat Report, which reports that almost 80% of cybercrime scams are on compromised legitimate web servers.

"The attacks we're tracking today are so advanced they're really hard to find unless you know exactly what you're looking for."—Patrik Runald

These findings raise an important issue: older, more traditional forms of web security do not stand a chance against such modern, blended threats. Learn about advanced ways to protect your organization here.

The Globe and Mail released an article today highlighting a surprising new “virtual haven” for cybercriminals to operate their scams – Canada. The article draws from a recent study made by the Websense®Security Labs™, which ranks Canada as the 6^th most likely country to host malicious servers (a huge jump from being ranked 13^th last year).

“Canada is moving up in what I call our Top Ten Badness list” – Patrik Runald, senior manager of security research at Websense

The study found that websites engaged in a scam called “phishing” – a ploy where hackers use email to guile people into giving away personal information or passwords – tripled in the past year in Canada. Another type of malware that command-and-control other machines (Botnets) increased by 50%.

The U.S. still remains number one for cyber threats followed by France, Russia, Germany and China. However, the United States has recently upped its cyber law enforcement game, which could be pushing cyber crooks north of the border. Canadian domains are also less likely to be severely scrutinized by security software, leaving Canadian consumers more vulnerable to phishing attacks.

This unexpected surge of cybercrime hosted in Canada raises some big security challenges for both the public and private sector – learn more about how to protect your organization here.

In a recent blog post on CNET, Elinor Mills warns readers of how a major news event like Osama bin Laden’s death has provided an avenue of profit for online scammers. Within hours of the first breaking news, scams and malicious links on Facebook began to rear their ugly heads alongside malware that popped up on sites that were primed and optimized to be in web searches related to bin Laden’s death.

Mills highlights Websense® Security Labs™ research that was conducted on recent attacks surrounding bin Laden’s death. The Labs discovered that a Pakistan-based tweeter who was live-tweeting the U.S. raid garnered over 60,000 followers and as a result of his surge in popularity, found his blog compromised by malicious attacks.

Patrik Runald, senior manager of security research at Websense Security Labs was quoted in the article:

“Visitors to the blog would not immediately have noticed anything as the malware was installed as a drive-by download without the visitor having to do anything.”

Hm. Does this strike you as reminiscent of Lizamoon just earlier last month? Remember, even the most popular sites can fall to malicious attacks at any time. Huge news like the bin Laden death have only made it easier for hackers to find their way to high-traffic sites that may not have the proper protection from modern security threats.

Stay cautious when browsing the web for information, particularly when the topic is a big one. It’s best to know before you go – check out AceInsight.com to make sure that you’re not putting you or your organization’s information at risk.

In a new post on All Things Digital, writer Arik Hesseldahl bemoans the cyber consequences of tweeting while witnessing historical events. Hesseldahl refers to the unfortunate hacked site of Sohaid Atha, who live-tweeted descriptions of the US raid that killed Osama bin Laden without even really knowing what was going on. While it wasn’t a specific individual who launched the attack, an automated process kicked in as a result of locating a surge in traffic to Atha’s site.

 Hesseldahl recounts his interview with Patrik Runald, Websense® Security Labs™ Senior Manager.

“ Patrik Runald, a Websense security researcher, said that sometime overnight, the increase in attention on Atha’s Twitter feed, which contains a link to his blog, R____l.com, was compromised and was as of this morning serving up malware.”

In addition to this attack, there’s some malvertising appearing on Facebook in regards to Osama bin Laden’s death, promising bogus footage of his death. Users are warned to stay away from clicking on these links. Want to find a way to protect yourself on Facebook? Scan it with Defensio.

The BBC recently wrote an article covering the LizaMoon cyber attack, which has compromised a massive volume of websites. The scareware campaign works by redirecting victims to fake domains and prompting them to purchase phony antivirus software called the “Windows Stability Center.” Websense® is highlighted in the article for the analysis and tracking of the SQL injection attack since  Websense Security Labs™ initially discovered it on March 29.

The BBC posted an article today that outlines a recent malvertising attack through an ad on the popular music streaming site Spotify. The ad did not even need to be clicked on in order to infect a user’s machine – a bogus anti-virus “Windows Recovery” program would pop up and install onto user desktops without their knowledge or consent.