It was the stuff of nightmares for any librarian — or bookworm. Last October, cybercriminals attacked the Toronto Public Library (TPL), shutting down networks across more than 100 branches and holding data hostage until a ransom was paid. According to reports, the hackers seized personnel information for current and former employees dating back to 1998.
The incident affected library systems for nearly six months. Cardholders were still able to check out print books, but returns could not be properly processed, holds remained in limbo and, for a time, on-site computers were inaccessible. The library also provided free credit monitoring for those affected. Rather than pay the $10 million ransom, the TPL chose to rebuild — in line with standard advice from law enforcement, as there is no guarantee hackers will provide a decryption key upon payment. Moreover, from the library’s perspective, any money could also be used to fund further criminal activity.
TPL is just one of many Canadian organizations that have been affected by recent ransomware attacks. In December 2022, Toronto’s Hospital for Sick Children (SickKids) was targeted by hackers who demanded $1.5 million. The ransomware group, LockBit, apologized — likely recognizing the bad optics of going after a children’s hospital — and offered a key to unlock info that was being held hostage by the affiliate responsible for the attack. LockBit was also involved in the cyberattack on London Drugs pharmacies in April 2024, which caused the West Coast retail chain to temporarily take its computers offline and shutter its bricks-and-mortar stores.
It’s only going to get worse. Statista predicts that the global cost of such illicit activities will increase from US$9.22 trillion in 2024 to US$13.82 trillion by 2028. And thanks to AI, it has become even easier to commit cybercrime. Criminals can use generative AI to create believable messages that make it easier to manipulate people’s emotions.
In May, the Government of Canada unveiled its official Enterprise Cyber Security Strategy, which aims to ensure federal agencies can efficiently tackle bad actors and address vulnerabilities across government properties. The plan involves proactively identifying potential risks and their repercussions; fortifying systems to thwart attackers and quickly resume operations in the event of an attack; and bolstering cybersecurity knowledge and skills amongst staff. It’s a necessary move to mitigate a threat that is becoming more sophisticated (and more dangerous) in tandem with evolving technology. And while the average Canadian does not have as many resources as the federal government at their disposal, experts agree that there are certain steps we can take to protect ourselves — and our information.
Ransomware — malicious software designed to capture data and block access to a system — is popular because it’s simple to use and scale and can be easily deployed to make money. Canada is an attractive target for ransomware hackers because of its ample resources and proximity to the United States.
Benjamin Fung, a professor at the School of Information Studies and the research chair in Data Mining for Cybersecurity at McGill University, says Canadian institutions are especially vulnerable because our cybersecurity protection lags behind other developed nations, according to the Global Cybersecurity Index. “Many laws are outdated and not able to catch up with the latest hacking techniques and foreign interference strategies,” he notes. Canadian companies often liaise with American organizations, and because small- and medium-sized businesses typically have low defense capacity (i.e., they lack effective cybersecurity tools and infrastructure), hackers often attempt to use the country as a backdoor to obtain data they are unable to access in the United States.
Darace Rose, a co-founder of Toronto-based cybersecurity firm Oppos Incorporated, says Canada’s heavy reliance on digital technologies across sectors makes us especially vulnerable. “The juxtaposition of aging infrastructures and modern technologies is attractive to cybercriminals” because the varied landscape provides a range of options for them to attack, he explains. Fung echoes this concern, noting that the general public is relatively under-informed about the risk of foreign interference, and Canadian administrators rarely receive adequate training to identify and proactively prevent attacks.
Earlier this year, the open-access journal PLOS One published an analysis of the nations where the most cybercrimes originate. Researchers looked at five key categories — attacks and extortions, data and identity theft, advance-fee fraud and other scams, money laundering and credit card fraud, and technical threats such as malware coding — and determined that Russia was responsible for housing the greatest number of cybercriminals, followed by Ukraine, China, the U.S., Nigeria, Romania and North Korea. Canada ranked 25 out of 50 countries.
“Most cybercriminals attempt to compromise targets in bulk, using common tactics such as phishing and social engineering,” says a spokesperson for the Communications Security Establishment, which provides the Government of Canada with information technology security and foreign signals intelligence. The CSE describes these perpetrators as “opportunistic,” in that they take advantage of users by exploiting human traits such as carelessness and trust, and exploit software vulnerabilities through malicious code and technical tools.
To Rose, an effective cybersecurity approach is a holistic one. He emphasizes strong governance, up-to-date security practices and integrating AI technologies. (AI can, in fact, be a powerful tool against AI attacks.) As information on active cybercriminals and hacking approaches is constantly being updated, there are several options for keeping on top of the latest news, information and technology. The federal government’s Canadian Centre for Cyber Security is a good option.
As Fung explains, it can also be beneficial to enlist the help of companies that specialize in cybersecurity integration and prevention. Toronto-based Armilla, for instance, leverages automation to audit and verify the quality of third-party AI solutions. Even companies that don’t have AI built into their DNA may consider commissioning an audit to help identify vulnerabilities and avoid becoming targets. Oppos works with public- and private-sector organizations to assess risks; the company offers training in deterring cyber threats and efficiently responding to security breaches. These days, it’s not enough to be reactive to incidents, says Rose. Oppos proactively leverages AI to suss out any issues with compliance, flagging and neutralizing potential threats before they manifest.
There are practical, concrete measures companies can adopt to protect themselves against attacks. “Most large organizations already have a cybersecurity team,” says Fung. “They can improve their cybersecurity by achieving some ISO standards.” One of those standards is ISO 27001, an internationally recognized framework for managing sensitive internal information. For ventures, compliance involves developing a system to manage and protect data, implementing security controls and conducting regular risk assessments. Fung and the CSE also stress the importance of basic security hygiene, such as anti-virus software, firewalls, mandatory staff training on best practices and periodic scanning for vulnerabilities. The CSE also recommends regularly backing up all files and storing that data offline.
Building a robust defense against cybercrime is a collaborative effort. Alongside innovators and academic institutions, agencies such as the Canadian Centre for Cyber Security are integral in developing strategies. Rose commends the federal government for investing in critical technologies and recognizing the importance of a skilled cybersecurity workforce. To minimize vulnerability for all Canadians, he says, the public and private sectors need to share information about threats.
As for the Toronto Public Library, while officials have yet to release a complete account of the incident, a recent City of Toronto budget suggests the city is shouldering costs related to the ransomware attack. Inside the TPL, some things have changed — IT security has been ramped up, per NIST cybersecurity protocols. But for the most part, things are back to normal. Holds and returns are being processed, computers are up and running and all those returned books are making their way back onto the shelves.