Canada becoming more attractive for cyber criminals: report

Canada has become an increasingly attractive spot for cyber criminals, likely because of our good reputation, according to a new “report card” from IT security firm Websense.

Since last year, there has been a 25% increase in Canadian sites hosting malware, Websense says.

Based on the last three months, Canada holds the No. 10 spot for countries hosting malware (The United States is No. 1).

That could be because more websites are being created, as the barriers to doing so decrease, the report notes. The increase in malware could also be because of “large-scale compromises of Canadian sites built on vulnerable content management platforms like WordPress,” it says.

There has also been a major increase by 83% of command and control servers in Canada, through which hackers tell malware what data to look for, the report says.

That’s probably because of Canada’s “clean reputation,” Websense says, meaning that businesses wouldn’t see their computers communicating with an IP address in Canada as the same red flag as if they were communicating with another country like China.

The U.S. takes the top spot again for number of C&C servers, while Canada is No. 8, according to the report.

While phishing decreased by 67% in Canada this past year, we’re still No. 4 on the list of countries that hosted the most phishing in the first quarter of 2013, with the United Kingdom, Germany and the U.S., taking the top three spots, according to the report.

Websense also says that there has been an increase in the foreign cyber criminals setting up virtual bases in Canada to coordinate corporate attacks.

“We discovered that Canada hosts a disproportionate volume of advanced malware C&C servers,” the report says.

“In fact, last year Canada hosted the third largest volume of servers communication with the type of highly sophisticated malware responsible for stealing valuable corporate data,” it says. “That is ahead of Korea, Germany, Russia and even China.”

Again, that’s likely because transfers from servers in a “trusted” country like Canada might be more successful, the report notes.

“As countries come under scrutiny for known malicious attacks, the bad guys are simply shifting criminal activities to countries like Canada that have strong infrastructure and traditionally have had better cyber reputations,” Websense says.

A lack of Canadian “takedowns” of malicious sites could also be exacerbating the problem, it adds.