News Local

Cyber extortion going unreported: expert

By Martin van den Hemel



It’s a virtual war that businesses and people are losing everyday.

Criminals are hacking company and home computers and servers, and holding data hostage unless a price is paid for the unique encryption key.

In some cases, smaller companies and individuals are asked for just a few hundred dollars, but larger companies can be asked for much more.

If victimized companies or individuals don’t pay, they risk their data being deleted.

“It happens constantly,” said Dale Jackaman, president of cyber security company Amuleta, about cyber attacks, including cyber extortion. “A complete and utter barrage of attacks. New crypto attacks (where data is encrypted) are now quite common.”

Criminals are targeting those without specialized IT departments — what Jackaman calls “low-hanging fruit” — and somehow are able to determine what these companies or individuals are capable of paying.

There are other types of cyber crime, such as fraud, industrial espionage and investigations of IT staff.

In a case of fraud he was involved with last year, a company’s $800,000 payment for services rendered was intercepted by an overseas organized crime group.

Why isn’t the public more aware of this type of ongoing crime?

Two reasons, Jackaman said. Firstly, firms in Canada do not have to disclose that they’ve been hacked or taken advantage of, unlike many states in the U.S. who have reporting requirements.

Secondly, a company’s reputation can suffer if it’s widely known they’ve been hacked and victimized.

The RCMP are inundated by this sort of thing, Jackaman said.

“They don’t have the resources or the manpower to chase down any but a small number of the bigger (cases),” he said. “They can’t do it for all the cases.”

Jackaman said his business has doubled in the last couple of years, and he can’t keep up with demand. It’s a challenge finding enough people to do the specialized work necessary to track down those responsible, he said.

Companies are compromised with something as simple as an employee clicking on an e-mail attachment, or visiting an infected website.

According to Statistics Canada, frauds accounted for more than half of all police-reported cybercrime in 2012.

There were 9,084 incidents of cybercrime by police services that cover 80% of Canada’s population, for a rate of about 33 cybercrimes per 100,000 population.

Jackaman suspects the rate of cyber crime has doubled since 2012.