Cyber threat assessment is key to determining, analyzing, and evaluating cyber risks associated with various organizations or technology-driven resources within the country. It also ensures whether the security measures and controls chosen are appropriate for the modern-day risks cybersecurity faces nationwide.
According to the Cybersecurity Ventures report, the cost of cybercrimes is increasing exponentially. It will have gone from US$ 3 trillion in 2015 to US$ 10.5 trillion by 2025. Recently, the Canadian Centre for Cyber Security (Cyber Centre) released the National Cyber Threat Assessment 2023-2024. The report warns against monetary-driven and state-sponsored cyber threats, as they increasingly affect Canadian organizations.
This article summarizes the generated assertion by the Canadian Centre for Cyber Security on cyber threat assessment in 2023-24.
What is a cyber threat assessment?
Cyber threat assessment analyzes and evaluates a nation's or organization's cybersecurity controls and its ability to remediate threats. Usually, a reputable organization or security firm conducts cyber threat assessments to provide a checklist of the possible risks and mitigation techniques through security audits and remediation measures. Organizations and national security need cyber threat assessments to determine their preparedness against cyber risks.
About the Canadian Centre for Cyber Security
The Canadian Centre for Cyber Security is the Canadian technical authority on cybersecurity. As a part of the Communications Security Establishment (CSE), they are a unified source with experts from various fields of cybersecurity. They provide robust guidance, risk analysis, and support on cyber threats to the Canadian government and organizations. The Canadian Centre for Cyber Security works alongside the Government of Canada to safeguard critical infrastructure, national resources, and international partners to maintain harmony and seamless business. They are also responsible for organizing, responding, mitigating, and recovering from cyber threats and events.
As trusted experts, the team delivers their best to keep Canada and the entire IT infrastructure safe from cyber threats. They provide:
Tailored cybersecurity guidance and advice to protect the country's cyber systems
Advice and support with developing specialized cyber defence systems through proper knowledge and directions
Defend the Canadian government's cyber systems and networks by deploying sophisticated defensive tools and techniques
Support private sector partners, companies, and municipal governments to tackle cyber challenges.
National Threat Assessment 2023-2024 key findings
The report states that cybercrime is the greatest threat to Canadian organizations and the government. Like other internet users across the globe, Canadians also use the internet to connect to relatives, perform financial transactions, share medical records and do official work. As internet usage time increases, the possibility of cyberattacks on internet users also increases. It can impact their professional and personal lives.
The report also states that cybercriminals and nation-states are developing new ways and cyber capabilities to target organizations. The NCTA 2023-24 focused on five cyber threat narratives that are the most dynamic and impactful for Canadian organizations and the country. These are:
Risks of critical infrastructure: Cybercriminals are targeting critical infrastructures because downtime can cost tremendous losses to industries. The breakdown of critical infrastructure is also harmful to the customers they serve. Cybercriminals use malware and other techniques on essential infrastructure to collect information through espionage.
Persistent ransomware is a threat: Ransomware is another critical threat that Canadian Centre for Cyber Security reported as a severe one to affect Canadians and Canadian enterprises. As cyber criminals intensify their attempts to gather personal and financial data, Canadians will be disproportionately affected by scams and fraud in the coming two years. The Internet serves as a crucial avenue for these malicious actors seeking to exploit vulnerable users.
Critical infrastructure has been called out as an attractive target for ransomware. Since 2020, the Cyber Centre has seen a surge in ransomware attacks against various industries within Canada, including critical infrastructure sectors. Although large enterprises and vital infrastructure are prime targets for hackers, cybercriminals will remain opportunistic over the next two years with no indication that they will limit their activities to any specific sector or region.
State-sponsored cyber threats are impacting Canadian IT systems: According to the Canadian Centre for Cyber Security's cyber threat assessment and analysis, state-sponsored programs run by Iran, Russia, China, and North Korea are causing a deliberate cyber threat to Canadian organizations. These state-sponsored players are unleashing global threat campaigns targeting citizens of specific geolocations and influencing activists in Canada. They also target enterprises and individuals' intellectual property (IP) for espionage or financial gains.
Threat actors are influencing Canadian citizens not to trust online spaces: Over the past two years, threat actors have been spreading misinformation, disinformation, and malicious information (MDM). These actors are using machine learning-based tools to generate fake content and promote them. Such techniques are hard to detect or assess. The Canadian Centre for Cyber Security predicts that such misinformation attacks will increase in the next two years.
New threats through disruptive technologies: Disruptive technologies like cryptocurrencies, deep learning, and decentralized finance are tools to target unsuspecting users and digital assets. Further, quantum computers are threats to existing technology and security systems. It can easily distort the confidentiality and trust of online data.
Canadians are using the internet for everything from financial transactions to connecting with family and friends to business and work. The trend towards increasing use of the internet increases the threat of service disruptions from cyber threat activity. The NCTA 2023-24 selected the five threat narratives above as the most impactful to Canadians this upcoming year.
The threats highlighted by the Canadian Centre for Cyber Security are persistent and capable of widespread disruptions. They can significantly impact the country's economy and critical infrastructure. Read the full report here.
Sign up for our newsletter
Get the lastest blog posts in your inbox biweekly!