October is Cyber Security Awareness Month in Canada. For Central 1, cyber security is something we think about and work on all year round. This month, we’re exploring the current cyber landscape, as well as the essential cyber security topics that leaders should consider when evaluating their organization’s readiness and cyber resiliency.
The cyber security landscape – what you need to know
Understanding the current threat landscape and the right steps to take is vital to make sure that both your organization and your clients remain secure. Organizations around the globe build billions of new connections each day across the internet, creating a dynamic environment for cyber threats. According to Cisco’s Cyber Threat Trends Report, the most prevalent categories of threats currently observed are Information Stealers, Trojans, and Ransomware.
Information stealers are malicious programs designed to collect various kinds of personal and financial information from an infected system. They can capture keystrokes, extract files, steal browser data like passwords and cookies, and more. First identified around 2020, this type of malware is typically delivered via email and malvertising campaigns, either directly or via exploit kits and loader malware.
Trojans are malware that disguise themselves as legitimate software to mislead users about their true intent. They often spread through malicious links or email attachments, such as fake invoices, which install the Trojan when clicked. Once activated, Trojans allow cybercriminals to spy on users, steal sensitive data, and gain unauthorized access to systems. Trojans continue to be a common threat; the ease with which they can be spread through social engineering and software vulnerabilities contributes to their ongoing prevalence.
Ransomware is a type of malware that encrypts the files on a victim’s computer or network, making them inaccessible, and demands a ransom payment. Victims are often threatened with loss of data or exposure of stolen data if the ransom isn’t paid. On April 28, Canadian retailer London Drugs disclosed that it had been the victim of a ransomware attack, and that cybercriminals on the dark web were threatening to leak stolen files from its corporate head office, including employee information, if they were not paid. In response, London Drugs closed all 79 of its stores in B.C., Alberta, Saskatchewan, and Manitoba when it became aware of the cyberattack and didn’t reopen until May 7. This type of attack is highly profitable, and the financial losses and reputational damage to the victim can be significant and long-lasting.
The cyber threat landscape is ever-evolving and scams are becoming more and more sophisticated. To help your organization stay secure, we’ve outlined some key business considerations and why they are important:
- Cover your basics and implement robust security
Do you have a good understanding of your organization’s threat profile? What steps have you taken to implement multiple security layers? This type of defense can create a robust system where if one mechanism fails, others step in to prevent potential attacks. This includes essential information security functions like security testing, access management, network, database and application security best practices, continuous monitoring and security data benchmarking.
- Build a resilient organization
Do you have a good understanding of your organization’s critical dependencies and do you have the right back-ups in place? Critical dependencies include technologies, networks, services, applications and processes you use to effectively manage your data, systems and access backup.
- Test your crisis management, disaster recovery, and business continuity plans
A well-documented and tested incident response plan prepares your organization to effectively respond to incidents in the moment when they happen. Testing a variety of scenarios — including specific attacks like ransomware — will help your team identify where your response processes need to be improved. Designating an executive to lead these efforts can enhance the effectiveness of incident response, driving a clear sense of the importance of preparing for incidents and providing clear leadership when an incident occurs.
- Anticipate the decisions you’ll need to make quickly in the event of an attack
The designated executive should have key information to make good decisions in relation to potential damages (operational, financial, legal, reputational). For example, along with the rest of the team, they should determine whether to pay a ransom and the specific circumstances that would lead to this action.
- Test your communication plan in the event of an attack
A clear communication process is essential for informing the board, CEO, employees, regulators, stakeholders, and members or customers about a security breach or incident. This provides timely information so they can carry out any action they need to and feel confident that your organization is handling the issue appropriately. In many cases, regulations exist mandating reporting breaches within a certain time frame — your organization should be aware of these requirements and make sure they’re incorporated into your communication processes.
- Learn about cyber insurance and make sure it’s adequate to cover your losses
Insuring against financial losses or damages caused by cyberattacks has become an important part of many organizations’ risk management function. Make sure you understand what your organization’s cyber insurance covers. If you don’t have cyber insurance in place, it is crucial to develop a comprehensive plan to address the associated costs.
- Think through potential risks due to new geopolitical conflicts
In a business environment that is often influenced by geopolitical conflicts, financial institutions of all sizes are at risk of being targeted by cybercriminals who move swiftly to exploit organizations’ vulnerabilities as a result of these conflicts. To strengthen your defense, make sure to review and invest in multiple layers of defense and real-time threat intelligence. This can include data feeds, live threat maps, and up-to-the-minute alerts.
- Train your staff
Foster a culture of cyber security awareness throughout your organization. Regularly train employees on best practices, such as recognizing phishing emails and using secure passwords. Human error plays a part in most cyber breaches.
Being prepared for cyber events is primarily about having foundational practices that can effectively block attacks. Successful cyber attacks are extremely costly and can be detrimental to any organization. Prevention is key to keeping your business safe.
Have questions about your cyber security? Check out our toolkit: Cyber Security – Central 1 Credit Union.