Image Credit: Pexels/Mikhail Nilov
January 18, 2023 - 6:00 AM
A cyberattack knocked Okanagan College offline for more than a week. It is just now slowing getting its systems back into operation.
That’s a huge organization with lots of IT specialists to help them fight off the cyberattack. But small businesses – all the way down to one-person online operators – are likely at even greater risk.
“Everybody is a target no matter how much protection you have in place,” Todd Chapman CEO of the Kelowna branch of CMIT Solutions, told iNFOnews.ca. “If you’re a target and you have something that somebody wants, they will reverse engineer you until they get in.”
CMIT is an international cybersecurity company. Its only Canadian branch is in Kelowna.
“Most people assume that hackers are still kids in garages, people just wanting to make disruptions and havoc in the world,” Chapman said. “And yes, there is still some of that but hacking is actually a really big business. Guys sit around in suits and say: ‘How are we going to do our next attack?’”
While some of that hacking is coming from countries like China or India, it could be happening locally as well.
“Not everybody within the organization actually realizes that they’re doing something bad,” Chapman said. “They’re just doing a job. They’re doing programing. They’re doing scripting. They’re doing marketing. There could be three floors in a Landmark building under the name of a shell company where dozens of people are going to work every day and we would never know that’s a hacking organization.”
He works with small and medium-sized businesses to help them boost their cybersecurity but freely admits that no system is 100% secure.
“We can put firewalls in place,” Chapman said. “We can put two factor authentication in place. We can put tons of IT around this to make sure it doesn’t happen but there’s so much information going around and so many ways to get access to our information that there’s always another hole or another vulnerability. It’s not the vulnerabilities that we know about, it’s the vulnerabilities that we don’t know about that scare me.”
He recently got an email purporting to be from Shaw, saying his password had expired. It even had very realistic looking Shaw logos in it.
“They (emails in general) are so similar to the logos of the companies that I can barely tell the difference, other than it’s going to a different address and the email address might be a gmail address,” he said. “I’m looking at that and go, if I was expecting a UPS parcel today I may have clicked on that. I always think, if I would have clicked on it and I know better, would the average user who’s busy, and maybe has a customer that’s trying to get something resolved at the other end of the phone, clicks on it? Well you’re hooped.”
He can lock down a computer so tight that no one can get in but then it becomes pretty useless to the owner and would not have internet access.
Okanagan College says its cyberattack was detected by its IT team doing “routine and proactive surveillance.” The whole system was shut down as soon as the breach was discovered.
READ MORE: Okanagan College crippled by cyberattack
That’s not always the case with such organizations, Chapman said. IT departments large or small are often overworked with so many regular duties like setting up new equipment and fixing routine problems that they don’t always have time to be looking for cyberattacks.
It may also be that a determined hacker will actually get someone hired into an IT department, or even as a janitor, to get into the building and access the computers.
It’s usually about ransoming the information for money.
A 2020 Cybersecurity Magazine article estimated that cybercrime was expected to inflict $6 trillion USD in damage around the world in 2021. If it was a country, cybercrime would have the third largest economy in the world behind only the U.S. and China, it said.
READ MORE: Why are there so many cyberattacks lately? An explainer on the rising trend
A survey of 4,100 global companies published by Trend Micro in 2022 found that 93% of the North American companies surveyed had been attacked at least once in the previous year and 37% had been attacked seven or more times in the year.
That’s the highest rate when compared to Europe, Latin/South America or Asia/Pacific.
Hacking is something not many victims want to talk about.
“People are embarrassed,” Chapman said. “But it’s also your reputation. If it gets out that you’ve been hacked, will people want to do business with you?”
While Sobeys was recently hacked and Southwest Airlines and Westjet may have been hacked, small businesses are more likely targets.
READ MORE: Some pharmacies in Kamloops, Okanagan unable to fill prescriptions
“If you tried to hit Okanagan College and your goal was to get $1-$2 million bucks out of them and you’re going to cause havoc, more than likely they’re going to have backups and a proper IT staff to get them up and running,” Chapman said. “If that attack fails and you don’t get the ransom, you’ve put a lot of effort into doing this big attack and it’s maybe 50-50 you’re going to get something. But, if you went after 1,000 small business that are all five to 10 people each, or even a couple of hundred, your success rate is probably going to be 60-70% and they’re going to be easy targets.”
It's not just the damage to the computer systems that is costly, it's the down time that could be a week or more and mean a big business loss.
He knows of one law firm in Kelowna that was hacked. They paid the ransom but, even so, some of their systems were still not running properly three months later.
“The worst is when I get a phone call and someone is crying,” Chapman said.
He recently got that call from a woman who had a child with a disability so she set up a Facebook page. After a few years she quit her day job and was able to support herself off the Facebook page.
Then it got hacked.
“Somebody’s actually changed the page and they’re making derogatory comments on her page and she’s getting comments from her clients saying: ‘Hey. Why are you slamming me?’” Chapman said. “Well, somebody’s just causing havoc. Nobody’s contacted her yet trying to get money.”
But, in the meantime she’s lost her sole source of income.
He asked her if she had things like backup email address and if she had two factor authentication turned on.
“She went: ‘What’s that?’” he said. “She didn’t even know to have two factor authentication turned on her Facebook page so that, when a new device or a browser logs in, it actually asks for a code off your phone.”
Two factor authentication is a key defence tool if it’s used on all devices, as is a good backup system – something more than iCloud.
But, even with those, a plan needs to be in place on how to get a system back up and running once it’s been hacked.
“If something happens to one of my customers, we’re proactive,” Chapman said. “We already know they have backups. We’ve already been monitoring them. We know the ins and outs of their business so, if they happen to click on something that got through, well, let’s get equipment and let’s get it restored.”
For more about CMIT Solutions, go here.
To contact a reporter for this story, email Rob Munro or call 250-808-0143 or email the editor. You can also submit photos, videos or news tips to the newsroom and be entered to win a monthly prize draw.
We welcome your comments and opinions on our stories but play nice. We won't censor or delete comments unless they contain off-topic statements or links, unnecessary vulgarity, false facts, spam or obviously fake profiles. If you have any concerns about what you see in comments, email the editor in the link above.
News from © iNFOnews, 2023