A new form of cybercrime is gaining momentum and anti-virus software can't protect against it. It's called an advanced persistent threat, or APT, and according to a new report many Canadian organizations are at risk.
Canada relies on computer networks like power grids, irrigation systems and online banking, every minute of every day. As those systems become more complex, so do the cyber attacks launched against them.
A new report by internet security company Fortinet finds Canada has become a prominent target for an APT, which is a network attack where someone gains access to your system and stays there undetected for a long period of time.
“The average advanced persistent threat that managed to enter a network usually maintained persistence and stealthiness for 360 odd days," said Richard Henderson, security strategist at Fortinet.
With an attack going unnoticed for almost a year, plenty of damage can be done and sensitive information stolen.
"It wants to stay stealthy, it wants to stay quiet, it wants to sit on a system and just usually watch what you're doing," said Henderson.
In 2011, hackers based in China broke into computer systems at the Canadian Finance Department and Treasury Board.
It's reported the hackers stole the email identities of government officials to trick staff into changing key passwords.
"By sending you an email that looks like it came from your boss, but it came from them, you'll open it. That then will infect your computer and allow them to gain access to your business network," said Henderson
Anti-virus software can't protect against this kind of attack, so a company's best line of defense is its employees, acting as a human firewall.
To protect yourself and your company, don't re-use passwords for different accounts or open email you're not familiar with. And finally, be extra vigilant about sharing information when working on remote networks.
