Ottawa’s made the list for best cities in which to live in the 2021 World’s Best Cities Report. It’s great to be popular.
Unfortunately, that popularity is also with cyber criminals.
“Ottawa is definitely the hotspot,” according to John Robinson, President and CEO of Intega IT, an Ottawa-based company focused on protecting the data of small, and medium-sized, companies.
“Almost 70 per cent of all cyber attacks are focused on Canada, the majority of them in Ottawa.”
“Ottawa is the capital of Canada and it’s a large city and has a lot of large organizations, a lot of embassies, it’s a focus for cyber criminals. It’s unfortunate but we are in a hotspot.”
With more people working, and learning from home, Robinson emphasizes the importance of protecting yourself and being wary of phishing scams.
He says half of Canadian companies don’t have cyber awareness training and that leaves people vulnerable, especially now with so much ‘cyber action’ within a home.
He is aware it’s difficult to be on top of everything during this challenging time.
“There are more people working from home in this lockdown. Couple that with all of the students working from home, the house is very busy, especially the IT and the Internet, so there’s a lot of chaos, and a lot of confusion.”
“Parents are trying to balance children learning, they’re trying to balance their work schedules and trying to balance getting back to work from the holidays, so it’s easy to look at a phishing email by just clicking on something that looks very authentic.
“Maybe you’re getting a UPS tracking notification, that’s very common now, and you’re not seeing the sender and you’re not taking that few minutes to look at who’s sending it, that’s really the problem.”
“If it doesn’t look right don’t open it.”
He doesn’t want the pandemic to be synonymous with “Spamdemic”.
And just because your kids are computer savvy, Robinson says, don’t count on them for your cybersecurity.
“The younger generation-they absolutely know everything about IT. It’s amazing. My 10-year-old can probably whiz through Google it better than I can but they’re looking for functionality, they’re not looking for safety.”
Robinson says kids will make things work but they are normally looking at the fastest way to get things done.
“These days it’s amazing what they know but what they don’t know is where the vulnerabilities are, and where they can cause problems within the house especially with all of the people working from home."
Robinson also has advice for those excited to work outside the home when things reopen.
When we do get back to going to coffee shops, and you are ordering a latte when you notice your phone is almost dead, don’t be tempted to plug it into a charger left behind by another customer warns the IT specialist.
“Think again,” says Robinson. “There’s a technology that they (cyber criminals) are embedding. USB devices in those chargers. It’s pretty common. We’re seeing chargers, or USB drives, left in public left and coffee shops.
“We’re all opportunists- ‘Hey there’s a charger for my iPhone.’ Plug it in and off to the races. The embedded software will take over your computer and basically give hackers access to your computer, or worse, if you bring them to work your network could be compromised at your office. That would definitely not be good for anybody.”
Robinson’s advice: “Don’t put it in if you don’t know where it came from”.
Robinson also advises to avoid the Robocalls by not picking up. Often the calls are programmed to use local numbers.
“They mask their calls with peoples’ contacts instead of it showing a US call coming through.”
“Things are changing. They’re getting more advanced. They’re definitely finding new ways to get people on the hook”
To set yourself up for cyber safety, Robinson says the easiest thing you can do to protect yourself is change your password.
“We’re all in the world of convenience. We all love to keep that same password for all of our platforms,” he says. “It’s January. It’s a new year. Change those passwords every 30 days, that would be great, every 90 days would be okay as well.”
“Change them and use different unique passwords for each platform that you’re using—your Facebook, your LinkedIn, your email. Change them all. I know it’s a minor inconvenience, and nobody loves to do it, but it’s the easiest way to stay protected.”
Under cyberattack? Here are John Robinson’s five tips for protecting your information.
- Put an end to robocalls.“If your employees use their own phone for work, have them install a call control feature from their network provider that requires the caller to physically press a button to be connected. When robocalls come through, the computer at the other end will be cut off because the connection requires human interaction."
- Have a Bring Your Own Device protocol. “More and more companies are cutting costs by encouraging employees to BYOD, but if there is no protocol for what information is shared or how a network is accessed using a personal cell phone, cybercriminals will take advantage of the vulnerabilities.”
- Test your vulnerabilities.“IT support companies like Intega IT offer clients their very own internal phishing campaign to see who is – and isn’t – paying attention to emails. The campaigns involve educational videos outlining cybercrime tactics for employees, followed by emails with links that seem legit. Once the campaign is over, Intega IT sends a report card rating employees on attendance and awareness."
- Read the fine print.“Cybercriminals depend on social engineering to fool receivers into clicking on links in masked emails. They count on people’s trust in known entities and that they won’t look too closely at the sender’s actual email address or pick up on subtle logo changes or spelling errors."
- Don’t use public Wi-Fi. “Although sitting in a coffee shop to work remotely is not on the COVID agenda now, shared or public Wi-Fi will continue to be a key source of strain on the system. It’s an open network. People jump on their VPN and if someone is savvy on the same Wi-Fi, they can open the door to everyone. They could put malware on your company network or your computer.