The Russian-Ukrainian conflict has put much of the world on high alert for possible Russian-sponsored attacks on critical infrastructure.
This includes Canada, especially when geopolitics is taken into account: Canada was a founding member of the NATO alliance and is closely allied with the United States, both strategically and economically.
The reality is that the conflict is more of a wake-up call for an already vulnerable digital ecosystem. The World Economic Forum (WEF) Global Risks Report has ranked cyberattacks on critical infrastructure among the top concerns.
The forum noted that “attacks on critical infrastructure have become the new normal in sectors such as energy, healthcare and transportation.”
The interconnectedness of the cyber landscape makes every Canadian business and individual connected to critical infrastructure a potential target.
In fact, in March, the National Research Council, Canada’s largest federal research and development agency, detected a cyber incident directed against critical infrastructure.
In line with recent statements from the United States and the United Kingdom, the Canadian Center for Cyber Security has issued a warning to Canadian critical infrastructure operators to take steps to mitigate potential Russian state-sponsored cyber threat activities.
In 2020, a threat assessment by the center found that “state-sponsored programs from China, Russia, Iran and North Korea pose the greatest strategic threats to Canada and that state-sponsored cyber activity is generally the most sophisticated threat to Canadian organizations.”
It also noted that state-sponsored actors “most likely attempt to develop cyber capabilities to disrupt critical Canadian infrastructure, such as electricity supplies, in order to achieve their objectives.”
According to Canadian Cybercrime Statistics for 2021, the Cyber Center in Canada reported 235 ransomware incidents targeting Canadian organizations between January 1 and November 16, 2021.
During the first six months of the pandemic, a full 42% of Canadians experienced some type of cybersecurity incident, and 34% of them experienced phishing attacks.
As Canadian statistics demonstrate, threat actors, particularly state-sponsored actors and associated criminal enterprises, have taken advantage of the growing cyberattack surface by using their resources to employ more sophisticated means to uncover target vulnerabilities.
They have automated their phishing attacks using artificial intelligence to find new deceptive ways to deliver malware and/or ransomware. No country is immune to this emerging technological threat.
In the United States, cybersecurity, and an explicit Zero Trust strategy, is already at the forefront of national security priorities. Over the past two years, organized and state-sponsored criminal hackers have exploited supply chains and third parties to gain access to agencies and businesses.
Several high-profile breaches included SolarWinds, JBS Foods and Colonial Pipeline.
The implications of the breaches have led the US government to issue a series of guidelines calling for greater cybersecurity cooperation between government and private industry.
The guidelines highlighted the need to strengthen critical infrastructure, much of which is owned and operated by the private sector.
These guidelines were capped by a White House executive order “Moving the US Government Toward Zero Trust Cybersecurity Principles,” in January 2022.
Zero Trust is a policy that assumes that every device or person connected to the network can be compromised and should be verified.
The U.S. government agency National Institute of Standards and Technology (NIST) defines Zero Trust as “a set of concepts and ideas designed to minimize uncertainty in enforcing accurate, least-privilege, per-request access decisions in systems and information services in the face of a network deemed to be compromised.”
Zero Trust makes sense for the United States, given that the number of breaches around the world has increased exponentially each year, as have the capabilities of hackers, who now share tools on the Dark Web and automate many of their attacks.
Due to increased threats and the fact that you may not even know if your network is already compromised, a Zero Trust strategy based on the precepts of trusting nothing and verifying everything connected also makes sense for Canada.
Additionally, a Zero Trust approach is needed to address vulnerabilities associated with aging critical industrial infrastructure and reliance on legacy systems, many of which operate in the United States and Canada.
Cyberconflicts and the changing digital landscape have necessitated a refocus on strengthening cybersecurity strategies for Canada.
Developing a proactive approach to these threat realities requires a new security posture. This should include strong investments, resources, expertise, and enhanced technology and tool capabilities.
A Canadian Zero Trust framework will help assess situational awareness, align policies and training, optimize technology integration, and strengthen privileged access management.
It will also promote information sharing, establish mitigation capabilities and maintain cyber resilience in the event of cyber incidents.
Cybersecurity must be at the top of the priority list because the stakes are high and the consequences of breaches are potentially deadly.
The engines of the economy and the way of life of Canadian citizens depend on better cybersecurity.
Canada should follow the lead of the United States in instituting an adaptive Zero Trust strategy to protect government and industry from threats that may arise from the Russian-Ukrainian conflict and elsewhere.