Download your copy >
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Be notified of Websense news, product information, industry events and more.
we want to hear from you >
Cybercriminals are on the move again. And, this time, Canada is the prime target. IP addresses in China and Eastern Europe are highly scrutinized and undergoing intense evaluation. So hackers are on a quest to move their networks to countries, like Canada, that have better cyber reputations.
It's a little surprising to me as well. Previously, Canada was a place of great beer and hockey (next year, Habs!). But Websense recently conducted an analysis of Canada’s cyber security risk profile, and all trends pointed to Canada as the new launchpad for cybercriminals. For example:
More malicious content is being hosted in Canada than ever before. How will the public and private sector protect Canada? And, will the Canadian government be able to take down major Internet crime networks - similar to when the US brought down Rustock and Coreflood?
Here's a quick peek at the top countries hosting phishing sites for the first part of this year. You can clearly see that Canada now holds the number two position for hosting this type of crimeware.
So, the question I have for you folks - is this surprising to you? Why or why not? We'd love to hear from you in the comments below.
Download video file:
Windows | Mac
Not really surprising. Criminals strike when the opportunity presents itself, and prefer to work where there is lower risk. System hosting doesn't necessarily equate to criminals' geo-location.
Canada is really just waking up to online threats. The government is forming committees to study and plan our online incident response strategy. Small and medium sized businesses are mostly unaware.
I don't believe we even have an official CERT team yet. CanCERT was an effort that hasn't taken flight, and the Canadian arm of the NCFTA is just taking its first tentative steps.
Just my 2¢, collect the whole dime.
I'm not surprised. Canada's government has virtually no cyber-security presence. Canada CERT is a private company, not government funded like the rest of the world. The RCMP have a really basic government website that refers to all the great programs in the US with a bunch of broken links.
I work in the IT security industry and everything I get for information and training is from the US.
It's shameful, and it's no wonder the bad guys are moving in. We're friendly, we have nobody watching the door and we'll click on anything.
I worked for a large Canadian ISP last year in the Internet Abuse department, and I am surprised that Canada was not on this list sooner. The procedures and knowledge base was years out of date, thus I had to train myself and the rest of the team, and I'd constantly push for security awareness and new policies (though I made little headway). Canadian businesses don't seem to care about digital security until they see what they can/will lose financially (being reactive rather than proactive). I think the Canadian government really needs to step up their game and fund/establish a national CERT team, also establish minimum security thresholds for businesses and individuals to meet.
What is that dot between Manitoba and Nunavut? There are no roads up there, let alone wired ethernet, you are more likely to run into a polar bear than an Internet cafe. Can any of this data be trusted?
Hi Drew, the dot is the approximate geographical center of Canada. That marker represents IPs that only resolved to Canada and not a specific location.
I appreciate that WebSense is posting some of the data gleaned from the services being offered. As a security professional trying to help my clients navigate the difficult security issues, the report being referenced as the source for these conclusions leaves me with a few questions that I think many would appreciate the insight into. In fact the 2010 report only mentions Canada once within the report. Here are some of the data points that I could use more data to understand.
Are these data points based upon only data collected by WebSense from customers that are contributing data to the program?
If so, do the individual increases/figures also reflect the changes to total Canadian representation within the source data?
Also, if it is, I would like to suggest a caveat be provided that this data is only based upon data collected by WebSense customers and that the generalized conclusions based on any associated inferences also be caveated.
Again I appreciate the data/report being provided, these go a long way to helping to bring awareness to the problem, I just think that some transparency to the reporting helps dial back the FUD that the mainstream media spin promotes.
First apologies that there wasn't more information on Canada in the Threat Report. While we collect the data all the time, we'll look to include more regional insight into that report in the future.
What instigated this particular bit of updated research was the targeting of Canadian government officials in a spear phishing campaign earlier this year. We wanted to see if this was part of an overall trend in Canadian malicious activity.
To look at the Canadian data (and the way we collect the majority of data), we used our ThreatSeeker Network and Advanced Classification Engine. The ThreatSeeker Network is a bit like Google, as we crawl millions of sites, looking for the bad stuff. We use more than 50 million real-time data collecting systems to analyze one billion pieces of content daily, including more than 100 million Web sites daily. We also assign reputation to more than 2 million domains, networks, IP addresses and hosts every hour.
So with this research, the results are not based on just customer requests, but our comprehensive, proactive scouring of the Web. I hope that answers your questions, but please let us know if you have any more.