A new report (2020 Cybersecurity Report), published yesterday by Canadian Internet Registration Authority (CIRA) showed that Canada has been targeted hackers. A large number of IT workers claim that company he suffered attack in cyberspace related to COVID-19.
The survey involved more than 500 employees who are responsible for decision-making in its field security in cyberspace.
One of the main findings of the report is this: one third of respondents stated that their company was targeted by cybercriminals who used COVID-19 to deceive them employees. For example, criminals tried to promote fake contact detection applications and performed phishing attacks related to COVID-19 (test results, etc.).
Also, according to the report, three out of ten Companies they said increase in the volume of attacks suffered since the onset of the pandemic.
About half of IT staff said that during this time, their company has taken new steps to strengthen its security in cyberspace to meet the challenges of COVID-19.
A quarter of organizations said they had experienced one infringement data, which affected data customers and / or employees. However, a worryingly large percentage (38%) of employees surveyed admitted that their organization did not know if they had been hit by a violation or not.
A CIRA spokesman said things would be even more difficult for businesses over the next 12 months, as attacks increased during COVID-19 and would continue to grow and become more sophisticated. Nevertheless, only one third of employees reported an increase in the human resources responsible for cyber security.
According to Infosecurity Magazine, the survey found that about one in ten employees expect to have fewer resources to invest in cyber security next year.
Another key and worrying finding of the report is that while companies are aware of recent changes to the Personal Information and Electronic Documents Protection Act (PIPEDA), do not report violations data (at least not as often as they did last year).
In 2020, only 36% of organizations informed the appropriate regulator about a data breach. In 2019, this percentage was 58%. In addition, only 44% of respondents informed customers of a breach, down from 4% in 2019.
CIRA believes that if implemented stricter legislation on privacy, businesses will be forced to report breaches and attacks. Fines can also have the same effect. Companies that do not comply and do not report data breaches should take action fine.