E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.		 LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


CANADIAN BUSINESSES UNPREPARED FOR HACKERS - STUDY

Source: Financial Post

Posted on November 16, 2011

Canadian businesses are increasingly being victimized by hackers but are also less prepared for such Internet threats, new reports have found.

Breaches of Canadian publicly traded companies jumped an "alarming" 50% in 2011, says a joint study released Tuesday by Telus Corp. and the University of Toronto's Rotman School of Management. The annual study said public companies in Canada were hacked an average of 18 times this year, compared with an average of 12 attacks suffered in 2010.

Overall, the study says, attacks on businesses and government offices were down nearly 50% from last year, to an average of 7.6 breaches in 2011 from 14.6 in 2010.

Insider breaches, in which hackers turned out to be employees, were extremely prevalent in government - the "most startling" result of the survey, researchers said - accounting for 42% of every government computer hacked in 2011.

Growing complexity of corporate computer systems - a common trend as more firms acquire servers and digital platforms to support their businesses - was also found to be a major risk. All breaches resulting in a loss of $1-million or more happened to respondents managing infrastructure they identified as being either high or medium complexity.

The increase on attacks against public companies revealed in the Telus study suggests cyber criminals are focusing more on large enterprises, but a survey, released Wednesday by Symantec Corp., paints a drastically different picture.

California-based Symantec, the world's largest security software maker, said 40% of all attacks launched between the beginning of 2010 and July 2011 specifically targeted small and medium-sized businesses. Kevin Haley, Symantec's direc-tor of security technology and response, said given the common objective of a computer breach is to steal financial data, the focus on smaller businesses came as no surprise.

"If someone is targeting a big company, chances are one password is not going to get them to the money as there are too many security procedures put in place at a big company," Mr. Haley said in an interview. "So the small and medium businesses are actually the perfect target since they have lots of money, certainly more than an individual user, and yet they don't have very good security."

Canadian entrepreneurs were asked whether they were familiar with common hacker tactics, such as distributed denial of service (DDoS), used by hacker group Anonymous last year to disable Visa's and Mastercard's sites (55% were aware); and keystroke logging, in which a hacker monitors keys a user strikes to obtain a password, (58% aware).

Yet a "surprising" number of them are failing to take the steps necessary to protect themselves, Mr. Haley said, noting 63% of respondents said they don't lock down machines used for online banking and 9% take no security precautions at all. "There is an illusion there that these risks, these threats, are threats to big companies and nation states but not to small businesses," Mr. Haley said.

The attitude is not limited to businesses either. A Symantec study released two weeks ago found Canadian operators of telecommunications networks, power grids, water systems and other critical infrastructure were less prepared for potentially devastating cyber attacks.

That study was based on telephone surveys of 3,475 companies in 37 countries, including 625 in Canada, taken between August and September. Overall, it found just 37% said their companies were engaged in critical infrastructure protection programs in 2011, down from 56% in 2010.

Mr. Haley recommends business owners lock down machines used for online banking by restricting email and Web browsing access.

"It may seem like a pain and an inconvenience," he said. "But it is nowhere near as large as having your bank account emptied out."



CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.