rewrite this content and keep HTML tags
Statistics Canada, “Canadian Internet Use Survey 2022,” July 20, 2023; Chris Dixon, Read Write Own: Building the Next Era of the Internet, (New York: Random House, 2024).
Federal Trade Commission, “FTC Staff Report Finds Large Social Media and Video Streaming Companies Have Engaged in Vast Surveillance of Users with Lax Privacy Controls and Inadequate Safeguards for Kids and Teens,” September 19, 2024.; Reva Goujon, “Shut Out: Data Security and Cybersecurity Converge in Next Wave of US Tech Controls,” Rhodium Group, March 5, 2024.
Brian Klaas, “The CrowdStrike Failure Was a Warning,” The Atlantic, July 21, 2024.
Jonathan Rauch, “The World is Realigning,” The Atlantic, July 1, 2024; Chun Han Wong, “China’s Xi Jinping Takes Rare Direct Aim at U.S. in Speech,” The Wall Street Journal, March 6, 2023.
Max Smeets, No Shortcuts: Why States Struggle to Develop a Military Cyber-Force, (Oxford: Oxford University Press, 2022); Rajat Pandit, “Armed forces formulate new doctrine for cyberspace operations,” The Times of India, June 18, 2024.
Google Threat Analysis Group, “Buying Spying: Insights into Commercial Surveillance Vendors,” Google, February 2024; Jen Roberts et. al., “Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and its Threats to National Security and Human Rights,” DFRLab, September 4, 2024.
Redacted Indictment, “United States v. Gaobin (PDF),” 1:24-cr-00043, (E.D.N.Y.), filed March 25, 2024; and United States Department of the Treasury, “Treasury Designates Iranian Cyber Actors Targeting U.S. Companies and Government Agencies,” April 23, 2024; Christian Sepherd et al., “Leaked files from Chinese firm show vast international hacking effort,” The Washington Post, February 22, 2024; United States Department of Justice, “Nine Iranians Charged with Conducting Massive Cyber Theft Campaign on Behalf of The Islamic Revolutionary Guards Corps,” March 23, 2018; Google Threat Analysis Group, “Buying Spying: Insights into Commercial Surveillance Vendors,” Google, February 2024.; Wahlstrom et al., “Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan,” Mandiant, March 30, 2023; United States Department of Commerce, “Commerce Adds NSO Group and Other Foreign Companies to Entity List for Malicious Cyber Activities,” November 3, 2021; Max Smeets, “Hack Global, Buy Local: The Inefficiencies of the Zero-Day Exploit Market,” Lawfare, June 6, 2022.
Canadian Centre for Cyber Security, “Cyber threat bulletin: Cyber Centre urges Canadians to be aware of and protect against PRC cyber threat activity”, June 3, 2024.
Redacted Indictment, “United States v. Gaobin (PDF),” 1:24-cr-00043, (E.D.N.Y.), filed March 25, 2024.
Robert Fife and Steve Chase, “Canadian spy agency says it shared details of Chinese hacking with Parliamentary officials,” The Globe and Mail, April 30, 2024.
United States Department of State, “Global Engagement Center Special Report: How the People’s Republic of China Seeks to Reshape the Global Information Environment,” September 28, 2023; Redacted Complaint and Affidavit in Support of Application for Arrest Warrants, “United States v. Bai (PDF),” 1:23-mj-00334, (E.D.N.Y), filed April 6, 2023. United States House Select Committee on the CCP, “HEARING: CCP Transnational Repression: The Party’s Effort to Silence and Coerce Critics Overseas,” December 13, 2023.
Mike Dvilyanski, “Taking Action Against Hackers in China,” Meta, March 24, 2021; Redacted Indictment, “United States v. Gaobin (PDF),” 1:24-cr-00043, (E.D.N.Y.), filed March 25, 2024; Kristina Balaam et al., “BadBazaar: iOS and Android Surveillanceware by China’s APT15 Used to Target Tibetans and Uyghurs,” Lookout, 22 January 2024.
Congressional-Executive Commission on China, “The Human Rights Situation in Tibet and the International Response,” One Hundred Sixteenth Congress, Second Session, September 30, 2020.; The Honourable Mari-Josée Hogue, Commissioner, “Public Inquiry into Foreign Interference in Federal Electoral Processes and Democratic Institutions – initial report”, Privy Council Office, May 3, 2024; Amnesty International, “China: Overseas students face harassment and surveillance in campaign of transnational repression,” May 13, 2024.
Dakota Cary and Aleksandar Milenkoski, “Unmasking I-Soon l The Leak That Revealed China’s Cyber Operations,” SentinalLabs, February 21, 2024; Christian Sepherd et al., “Leaked files from Chinese firm show vast international hacking effort,” The Washington Post, February 22, 2024.
Center for Security and Emerging Technology, “Translation: Implementation Opinions of Seven Ministries Including the Ministry of Industry and Information Technology on Promoting the Innovative Development of Future Industries,” February 12, 2024.
Cybersecurity and Infrastructure Security Agency, “Opening Statement by CISA Director Jen Easterly,” January 31, 2024; Canadian Centre for Cyber Security, Canadian Centre for Cyber Security, “Cyber threat bulletin: Cyber Centre urges Canadians to be aware of and protect against PRC cyber threat activity”, June 3, 2024.
Cybersecurity and Infrastructure Security Agency, “Cybersecurity Advisory: PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure,” Alert AA24-038A, February 7, 2024; The Economist, “The new front in China’s cyber campaign against America,” The Economist, June 13, 2024.
United States Department of Justice, “Grand Jury Indicts 12 Russian Intelligence Officers for Hacking Offenses Related to the 2016 Election,” July 13, 2018; Microsoft Threat Intelligence Report, “Iran steps into US election 2024 with cyber-enabled influence operations,” August 9, 2024; United States Department of Justice, “Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere,” September 4, 2024; Canadian Centre for Cyber Security, “Russian military cyber actors target U.S. and global critical infrastructure,” September 5, 2024.
Canadian Centre for Cyber Security, “CSE urges the Canadian cyber security community to be vigilant on two-year mark of Russia’s full-scale invasion of Ukraine,” February 19, 2024.
Tom Balmforth, “Exclusive: Russia hackers were inside Ukraine telecom giant for months,” Reuters, January 5, 2024.
Canadian Centre for Cyber Security, “Cyber threat bulletin: Cyber threat activity related to the Russian invasion of Ukraine,” July 14, 2022.
Canadian Centre for Cyber Security, “National Cyber Threat Assessment 2023-2024,” October 28, 2022.
Cybersecurity and Infrastructure Security Agency, “Cybersecurity Advisory: SVR Cyber Actors Adapt Tactics for Initial Cloud Access,” February 26, 2024.
Cybersecurity and Infrastructure Security Agency, “Emergency Directives ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System,” April 02, 2024; Alexander Martin, “Exclusive: Russian spies hacked UK government data and emails earlier this year,” The Record, August 8, 2024.
Microsoft, “Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard,” January 19, 2024.
Anne Keast-Butler, Director GCHQ, “CYBERUK 2024: Anne Keast-Butler keynote speech,” May 14, 2024.
Catharine Tunney, “Trudeau shrugs off reports pro-Russia hackers brought down PMO website,” CBC News, April 11, 2023.
The Canadian Press Staff, “Quebec government says data not compromised after websites hit by cyberattack,” CTV News, September 13, 2023; Michelle Allan, “Websites for PMO’s office, NCC among those crashed by hackers,” CBC News, April 15, 2023.
Canadian Centre for Cyber Security, “Alert – Risk of malicious cyber activity against Ukraine-aligned nations,” February 24, 2023; Ellen Nakashima, “Tex. Hack may be first disruption of U.S. water system by Russia,” The Washington Post, April 17, 2024; Cybersecurity and Infrastructure Security Agency, “Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity,” May 1, 2024.
United States Department of Treasury, “Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn,” July 19, 2024.
Gil Baram, “How the cyberwar between Iran and Israel has intensified,” The Washington Post, 25 July 2022; Sharon Wrobel, “Cyberattacks by Iran, Hezbollah have tripled during the war, says Israel cyber czar,” The Times of Israel, July 4, 2024.
United States Department of the Treasury, “Treasury Sanctions Iranian Ministry of Intelligence and Minister for Malign Cyber Activities,” September 9, 2022; United States Department of the Treasury, “Treasury Sanctions Actors Responsible for Malicious Cyber Activities on Critical Infrastructure,” February 2, 2024.
Cybersecurity and Infrastructure Security Agency. “Exploitation of Unitronics PLCs used in Water and Wastewater Systems,” November 28, 2023; Jim Walter, “Iran-Backed Cyber Av3ngers Escalates Campaigns Against U.S. Critical Infrastructure,” Sentinel One, November 30, 2023.
Figure 5 is derived from data in Microsoft Threat Intelligence, “Iran surges cyber-enabled influence operations in support of Hamas,” February 26, 2024; Cybersecurity and Infrastructure Security Agency, “Exploitation of Unitronics PLCs used in Water and Wastewater Systems,” November 28, 2023; Jim Walter, “Iran-Backed Cyber Av3ngers Escalates Campaigns Against U.S. Critical Infrastructure,” Sentinel One, November 30, 2023; Cybersecurity and Infrastructure Security Agency. “Iranian State Actors Conduct Cyber Operations Against the Government of Albania,” September 23, 2022; The Federal Bureau of Investigations and the Cybersecurity and Infrastructure Security Agency, “Iranian State Actors Conduct Cyber Operations Against the Government of Albania (PDF),” September 21, 2022; Global Affairs Canada, “Statement on Iran’s malicious cyber activity affecting Albania,” September 22, 2022; Clearsky Cyber Security, “No Justice Wiper. Wiper attack on Albania by Iranian APT (PDF),” January 4, 2024; Daryna Antoniuk, “Wiper malware found in analysis of Iran-linked attacks on Albanian institutions,” The Record, January 8, 2024; Associated Press Staff, “Albanian authorities accuse Iranian-backed hackers of cyberattack on Institute of Statistics,” Associated Press News, February 14, 2024; Microsoft Threat Intelligence, “Iran turning to cyber-enabled influence operations for greater effect,” February 5, 2023; Associated Press Staff, “Hackers target Bahrain airport, news sites to mark uprising,” CTV News, February 14 2023.
Google Threat Analysis Group, “Iranian backed group steps up phishing campaigns against Israel,” U.S., August 14, 2024; Rozmann et al., “Uncharmed: Untangling Iran’s APT42 Operations,” Mandiant, May 1, 2024; INSIKT Group, “Social Engineering Remains Key Tradecraft for Iranian APTs,” Recorded Future, March 30, 2022.
Borzou Daraghi, “Iran is using its cyber capabilities to kidnap its foes in the real world,” The Atlantic Council, May 24, 2023; United States Department of Justice, “One Iranian and Two Canadian Nationals Indicted in Murder-for-Hire Scheme,” January 29, 2024; United States Department of Justice, “Members of Iran’s Islamic Revolutionary Guards Corps (IRGC) Charged with Plot to Murder the Former National Security Advisor,” August 10, 2022; Arash Azizi, “Iran’s Deadly Message to Journalists Abroad,” The Atlantic, April 12, 2024; Greg Miller, Souad Mekhennet, and Cate Brown, “Iran turns to Hells Angels and other criminal gangs to target critics,” The Washington Post, September 12, 2024.
United States Department of the Treasury, “Treasury Designates Iranian Cyber Actors Targeting U.S. Companies and Government Agencies,” April 23, 2024.
United States Department of Justice, “North Korean Government Hacker Charged for Involvement in Ransomware Attacks Targeting U.S. Hospitals and Healthcare Providers,” July 25, 2024.
Cybersecurity and Infrastructure Security Agency, “Guidance on the North Korean Cyber Threat,” June 23, 2020; Sean Lyngass, “North Korean hackers extorted health care organizations to fund further cyberattacks, US and South Korea say,” CNN, February 9, 2023.
Alex O’Neill, “Countering North Korean Cybercrime and Its Enablers,” Lawfare, May 2, 2024.
Rajat Pandit, “Armed forces formulate new doctrine for cyberspace operations,” The Times of India, June 18, 2024.
Mehul Srivastava and Kaye Wiggins, “India hunts for spyware that rivals controversial Pegasus system,” Financial Times, March 31, 2023; Jen Roberts et. al., “Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and its Threats to National Security and Human Rights,” DFRLab, September 4, 2024.
Intel471, “How Threat Actors Use Underground Marketplaces,” September 22, 2022.
Flare, “Top Cybercrime Forums to Monitor in 2023,” May 16, 2023.
Kela, “Telegram: How a Messenger Turned into a Cybercrime Ecosystem by 2023 (PDF).”
Bleeping Computer, “Ransomware as a Service and the Strange Economics of the Dark Web,” 27 March 2024; Field Effect, “The rise of cybercrime-as-a-service,” April 19, 2023; National Cyber Security Centre, “Ransomware, extortion and the cyber crime ecosystem,” September 11, 2023.
Alexander Martin, “Ransomware ecosystem fragmenting under law enforcement pressure and distrust,” The Record, July 23, 2024; Bleeping Computer, “Ransomware as a Service and the Strange Economics of the Dark Web,” March 27, 2024; Courtney Shea, “Why Canada has so many cyberattacks—and why we’re all at risk,” Macleans, March 18, 2024; National Cyber Security Centre, “Ransomware, extortion and the cyber crime ecosystem,” September 11, 2023.
Sophos, “Sophos 2023 Threat Report: Maturing Criminal Marketplaces Present New Challenges to Defenders (PDF),” November 17, 2023.
Alexander Martin, “Genesis Market, one of world’s largest platforms for cyber fraud, seized by police,” The Record, April 4, 2023.
United States Department of Justice, “Criminal Marketplace Disrupted in International Cyber Operation,” April 5, 2023.
Canadian Anti-Fraud Centre, “Annual Report 2022 (PDF)”; Royal Canadian Mounted Police, “Fraud Prevention Month 2024: Fighting fraud in the digital era,” February 29, 2024.
Canadian Centre for Cyber Security, “Baseline cyber threat assessment: Cybercrime,” August 28, 2023.
Royal Canadian Mounted Police, “Fraud Prevention Month 2024: Fighting fraud in the digital era,” February 29, 2024.
Europol, “Internet Organized Crime Threat Assessment (IOCTA) 2024,” July 26, 2024; Recorded Future, “2023 Annual Report (PDF),” March 21, 2024.
Chainalysis, “Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline,” February 7, 2024; Cyber Threat Intelligence Integration Center, “Ransomware Attacks Surge in 2023; Attacks on Healthcare Sector Nearly Double (PDF),” February 28, 2024.
Alexander Martin, “Ransomware ecosystem fragmenting under law enforcement pressure and distrust,” The Record, July 23, 2024.
Cyber Threat Intelligence Integration Center, “Ransomware Attacks Surge in 2023; Attacks on Healthcare Sector Nearly Double (PDF),” February 28, 2024.
Chainalysis, “Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline,” February 7, 2024.
Nathaniel Dove, “Canadian firms paying ‘significantly’ more in ransomware attacks: data,” Global News, December 7, 2023.
Chainalysis, “2024 Crypto Crime Mid-year Update Part 1: Cybercrime Climbs as Exchange Thieves and Ransomware Attackers Grow Bolder,” August 15, 2024; Jonathan Grieg, “Ransomware gangs rake in more than $450 million in first half of 2024,” The Record, August 15, 2024; Jordan Pearson, “Ransomware Is ‘More Brutal’ Than Ever in 2024,” Wired, June 10, 2024.
Karina Zapata, “It’s time for companies to double down on cybersecurity measures as ransomware attacks rise, say experts,” CBC, 11 August 2023.
Canadian Centre for Cyber Security, “CSE and international partners publish a cyber security advisory on LockBit ransomware,” June 14, 2023.
Canadian Centre for Cyber Security, “Alert – ALPHV/BlackCat Ransomware Targeting of Canadian Industries,” July 25, 2023.
Canadian Centre for Cyber Security, “Profile: TA505 / CL0P ransomware,” July 11, 2023; Sentenniel One, “What is Cl0p ransomware?”
Internet Crime Complaint Centre, “Joint Cybersecurity Advisory: #StopRansomware: Play Ransomware (PDF),” December 18, 2023.
Cybersecurity Infrastructure and Security Agency, “CISA and Partners Release Advisory on Black Basta Ransomware,” May 10, 2024.
The bar for 2024 represents a projection for what we expect the total number of incidents reported to the Cyber Centre to be, based on the first 6 months of 2024. Since many ransomware incidents go unreported, it is almost certain that the true number of ransomware incidents impacting Canada is higher than what this graph displays.
Chainalysis, “Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline,” February 7, 2024; Jenna McLaughlin, “The rise in ransomware attacks this year may be related to Russia’s war in Ukraine,” NPR, July 13, 2023.
Bavi Sadayappan, Zach Riddle, Jordan Nuce, Joshua Shilko, and Jeremy Kennelly, “Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools,” Google Cloud, June 3, 2024.
Laura Hiserodt, “Third-Party Breaches: Risk in the Supply Chain,” Resilience, October 18, 2023.
Canadian Centre for Cyber Security, “Profile: TA505 / CL0P ransomware,” July 11, 2023
Recorded Future, “2023 Annual Report (PDF),” March 21, 2024.
Chainalysis, “Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline,” February 7, 2024; Recorded Future, “2023 Annual Report (PDF),” March 21, 2024.
National Cyber Security Centre, “Ransomware, extortion and the cyber crime ecosystem,” September 11, 2023.
Arctic Wolf, “Ransomware-as-a-Service Will Continue to Grow in 2024,” January 19, 2024; Chainalysis, “Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline,” February 7, 2024; Mandiant, “Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools,” June 3, 2024.
Abdulrahman H. Alamri, “Dragos Industrial Ransomware Analysis: Q4 2023,” Dragos, January 25, 2024; Canadian Centre for Cyber Security, “Baseline cyber threat assessment: Cybercrime,” August 28, 2023; Canadian Centre for Cyber Security, “The cyber threat to Canada’s oil and gas sector,” June 21, 2023.
Alexander Martin, “Ransomware attacks leave small business owners feeling suicidal, report says,” The Record, January 17, 2024.
Andy Greenberg, “Change Healthcare Finally Admits it Paid Ransomware Hackers $22 Million – and Still Faces a Patient Data Leak,” Wired, April 22, 2024; Dee-ann Durbin, “Meat company JBS Foods confirms it paid US$11M ransom in cyberattack,” Global News, June 9, 2021; Christina Wilkie, “Colonial Pipeline paid $5 million ransomware one day after cyberattack, CEO tells Senate,” CNBC, June 9, 2021.
Canadian Centre for Cyber Security, “Cyber threat bulletin: Cyber Threat to operational technology,” December 16, 2021.
Paula Duhatschek, “Suncor swaps out laptops after cybersecurity incident as energy sector takes stock of risks,” CBC, July 6, 2023; Suncor, “Update on Suncor Energy response to cybersecurity incident,” July 6, 2023.
Canadian Centre for Cyber Security, “Baseline cyber threat assessment: Cybercrime,” August 28, 2023; SickKids, “SickKids lifts Code Grey with 80 per cent of priority systems restored,” January 5, 2023.
Chatham-Kent Health Alliance, “Update on Cyber Attacks at Regional Hospitals,” October 31, 2023; David Musyj, “Cyber attack statement (PDF),” April 3, 2024; Rich Garton, “Notorious ransomware group claims responsibility for local hospitals cyberattack,” CTV News, November 3, 2023.
Akshay Kulkarni, “London Drugs confirms it was victim of ransomware attack,” CBC News, May 21, 2024; Sergiu Gatlan, “LockBit says they stole data in London Drugs ransomware attack,” Bleeping Computer, May 21, 2024.
Government of Nova Scotia, “Update on MOVEit Global Security Breach,” June 6, 2023.
Department of National Defence, “Update: Incident affecting Brookfield Global Relocation Services (BGRS) systems,” October 20, 2023; Kailee Hilt, “As We Enter 2024, Cyberthreats to Canada Are Growing,” Centre for International Governance Innovation, December 28, 2023.
City of Hamilton, “City Confirms Cyber Incident is a Ransomware Attack,” March 5, 2024.
Cyber Threat Intelligence Integration Center, “Ransomware Attacks Surge in 2023; Attacks on Healthcare Sector Nearly Double (PDF),” February 28, 2024.
Zack Whittaker, “How the ransomware attack at Change Healthcare went down: A timeline,” Tech Crunch, August 17 2024.
BBC, “Hospitals cyber attack impacts 800 operations,” June 14, 2024; Joe Tidy, “Stolen test data and NHS numbers published by hospital hackers,” BBC, June 21, 2024.
Abdulrahman H. Alamri, “Dragos Industrial Ransomware Analysis: Q4 2023,” Dragos, January 25, 2024.
Chainalysis, “Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline,” February 7, 2024.
Chainalysis, “Examining the Impact of Ransomware Disruptions: Qakbot, LockBit, and BlackCat,” May 6, 2024.
Europol, “Internet Organized Crime Threat Assessment (IOCTA) 2024,” July 26, 2024.
Bleeping Computer, “Ransomware as a Service and the Strange Economics of the Dark Web,” March 27, 2024; National Cyber Security Centre, “Ransomware, extortion and the cyber crime ecosystem,” September 11, 2023.
Matt Burgess and Lily Hay Newman, “The Unrelenting Menace of the LockBit Ransomware Gang,” Wired, January 24, 2023; Sergiu Gatlan, “FBI: ALPHV ransomware raked in $300 million from over 1,000 victims,” Bleeping Computer, December 19 ,2023; United States Department of Justice, “U.S. Department of Justice Disrupts Hive Ransomware Variant,” January 26, 2023.
United States Department of Justice, “U.S. Department of Justice Disrupts Hive Ransomware Variant,” January 26, 2023.
United States Department of Justice, “Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant,” December 19, 2023.
Europol, “Law enforcement disrupt world’s biggest ransomware operation,” February 20, 2024.
Europol, “Internet Organized Crime Threat Assessment (IOCTA) 2024,” July 26, 2024; Mathew J. Schwartz, “Ever More Toxic Ransomware Brands Breed Lone Wolf Operators,” BankInfoSecurity, August 1, 2024.
Abdulrahman H. Alamri, “Dragos Industrial Ransomware Analysis: Q4 2023,” Dragos, January 25, 2024.; Lucian Constantin, “Emerging ransomware groups on the rise: Who they are, how they operate,” CSO, May 24, 2024.
Jordan Pearson, “Ransomware Is ‘More Brutal’ Than Ever in 2024,” Wired, June 10, 2024; Matt Kapko, “Ransomware gangs incite fear in victims to fuel attacks,” Cybersecurity Dive, March 21, 2023.
Jordan Pearson, “Ransomware Is ‘More Brutal’ Than Ever in 2024,” Wired, June 10, 2024; Sophos, “Turning the screws: The pressure tactics of ransomware gangs,” August 6, 2024.
Mandiant, “Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools,” June 3, 2024; Sophos, “Turning the screws: The pressure tactics of ransomware gangs,” August 6, 2024.
Federal Bureau of Investigation, “Private Industry Notification (PDF),” September 27 ,2023.
SC Media, “Remote ransomware: What is and how to stop it,” January 12, 2024.
Alexander Culafi, “CISA: Akira ransomware extorted $42M from 250+ victims,” TechTarget, April 19. 2024; Recorded Future, “Ransomware Examples”; Trend Micro, “What is Ransomware?”
ThreatDown, “Threat Brief: Ransomware Gangs and Living Off the Land Attacks (PDF),” November 1, 2023.
Sophos, “Sophos 2023 Threat Report: Maturing Criminal Marketplaces Present New Challenges to Defenders (PDF),” November 17, 2023.
Daniel Sergile, “The Evolving Threat of Ransomware – A Call to Action for Cybersecurity,” Palo Alto, April 17, 2024.
Karen Weise, “In Race to Build A.I., Tech Plans a Big Plumbing Upgrade,” The New York Times, April 27, 2024; Jordan Jacobs, “Canadian AI Sovereign Compute Strategy,” Radical Ventures, April 7, 2024; Dylan Patel et. al., “ AI Datacenter Energy Dilemma – Race for AI Datacenter Space,” Semianalysis, March 13, 2024; Brookfield Renewable Partners, “Brookfield and Microsoft Collaborating to Deliver Over 10.5 GW of New Renewable Power Capacity Globally,” May 1, 2024; Cade Metz, “A Hacker Stole OpenAI Secrets, Raising Fears that China Could, Too,” The New York Times, July 4, 2024; Chris Miller, “The global chip war could turn into a cloud war,” Financial Times, July 30, 2024; CTIA, “2024 Annual Survey Highlights,” September 10, 2024.
KrebsonSecurity, “3CX Breach Was a Double Supply Chain Compromise,” April 20, 2023.
Mandiant, “M-Trends 2024 Special Report”; Mandiant, “Analysis of Time-to-Exploit Trends: 2021-2022,” September 28, 2023.
National Institute of Standards and Technology, “National Vulnerability Database.”
Eric Schmidt, “ AI , Great Power Competition and National Security,” Daedalus (2022) 151 (2): 288-298.
Rachel Metz, “OpenAI Scale Ranks Progress Toward ‘Human-Level’ Problem Solving,” Bloomberg, July 11, 2024; Aaron Holmes, “To Unlock AI Spending, Microsoft, OpenAI and Google Prep ‘Agents’,” The Information, April 18, 2024; Cade Metz, “OpenAI Unveils New ChatGPT That Can Reason Through Math and Science,” The New York Times, September 12, 2024.
Responsible AI Collaborative. “ AI Incident Database.” Further annotation of incidents in the database was performed by Canadian Centre for Cyber Security staff.
FBI, “FBI Warns of Increasing Threat of Cyber Criminals Utilizing Artificial Intelligence,” May 8, 2024; Check Point Team, “Generative AI is the Pride of Cybercrime Services,” February 1, 2024; Vincenzo Ciancaglini and David Sancho, “Back to the Hype. An update on How Cybercriminals Are Using GenAI,” Trend Micro, May 8, 2024.
Cybersecurity and Infrastructure Security Agency, “NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats,” September 12, 2023; Heather Chen and Kathleen Magramo, “Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’,” CNN, February 4, 2024; Matt Burgess, “The Real-Time Deepfake Romance Scams Have Arrived,” Wired, April 18, 2024; Benj Edwards, “Deep-Live-Cam goes viral, allowing anyone to become a digital doppelganger,” arsTechnica, August 13, 2024.
Dena De Angelo, “The Dark Side of AI in Cybersecurity – AI-Generated Malware,” Palo Alto Networks, May 15, 2024; Matz, S.C., Teeny, J.D., Vaid, S.S. et al. “The potential of generative AI for personalized persuasion at scale.” Sci Rep 14, 4692 (2024).
Meta, “Adversarial Threats,” First Quarter, May 2024; OpenAI, “ AI and Covert Influence Operations: Latest Trends,” May 2024; Jeff Stone and Daniel Zuidijk, “Russian Bots Use Fake Tom Cruise for Olympic Disinformation,” Bloomberg, June 3, 2024; Nicholas Dufour et al., “AMMEBA: A Large-Scale Survey and Dataset of Media-Based Misinformation In-The-Wild,” May 19, 2024; Sheera Frenkel, “Israel Secretly Targets U.S. Lawmakers With Influence Campaign on Gaza War,” The New York Times, June 5, 2024; Omer Benjakob, “Israel Secretly Targeted American Lawmakers with Gaza War Influence Campaign,” Haaretz, June 5, 2024; Stephanie Levitz, Alex Ballingall, and Mark Ramzy, “Trudeau government raises concerns with Israel about ‘Islamophobic’ misinformation campaign that is ‘targeting Canadians’,” The Toronto Star, June 11, 2024; DFRLab, “Inauthentic campaign amplifying Islamophobic content targeting Canadians,” March 28, 2024; U.S. Department of Justice, “Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere,” September 4, 2024.
Canadian Centre for Cyber Security, “Russian state-sponsored media organization leverages AI -enhanced “Meliorator” software for foreign influence activity,” July 9, 2024.
Canadian Centre for Cyber Security, “The threat from large language model text generators,” January 17, 2024; Canadian Centre for Cyber Security, “Cyber Threats to Canada’s Democratic Process: 2023 update,” December 6, 2023; Global Affairs Canada, “Russia’s use of disinformation and information manipulation,” February 28, 2024; Dustin Volz, “China is Targeting U.S. Voters and Taiwan with AI -Powered Disinformation,” The Wall Street Journal, April 5, 2024.
Jelena Vicic and Richard Harknett, “The mechanisms of cyber-enabled information campaigning,” Binding Hook, June 21, 2024; Brandy Zadrozny, “Disinformation poses an unprecedented threat in 2024 – and the U.S. is less ready than ever,” NBC News, January 18, 2024; Olga Belogolova, Lee Foster, Thomas Rid, and Gavin Wilde. “Don’t Hype the Disinformation Threat,” Foreign Affairs, May 3, 2024; Josh A. Goldstein and Renée DiResta, “Propagandists are using AI too – and companies need to be open about it,” MIT Technology Review, June 8, 2024; Cat Zakrzewski and Joseph Menn, “Russia and China Pounce on Trump Rally Shooting to Undermine U.S.,” The Washington Post, July 17, 2024; Matt Honeycombe-Foster and Andrew Mcdonald, “UK probes whether ‘state actors’ stoked far-right riots,” Politico, August 5, 2024; Will Bedingfield, “Generative AI is Playing a Surprising Role in Israel-Hamas Disinformation,” Wired, October 30, 2023; Andrew Ross Sorkin et. al., “An A.I.-Generated Spoof Rattles the Markets,” The New York Times, May 23, 2023.
Eric Berger, “Deluge of ‘pink slime’ websites threaten to drown out truth with fake news in US election,” The Guardian, June 20, 2024; Dan Patterson, “Black Hat 2024: Foreign Influence Operations Evolve as Narrative Attacks Become Sophisticated,” Blackbird.AI RAV3N Blog, 7 August 2024; Steven Lee Myers, Tiffany Hsu, and Farnaz Fassihi, “Iran Emerges as a Top Disinformation Threat in U.S. Presidential Race,” The New York Times, September 4, 2024.
Paul Scharre, Four Battlegrounds. Power in the Age of Artificial Intelligence, (New York: W.W. Norton and Company, Inc., 2023); “UAE’s Edge Group and G42 get into natural language processing,” Intelligence Online, March 22, 2023; Palantir Technologies Inc., “Form 10-K Annual Report for the fiscal year ended December 31, 2023”.
Mandiant, “M-Trends 2024 Special Report”.
Mandiant, “M-Trends 2024 Special Report”; Cisco Talos, “ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices,” April 24, 2024; Andy Greenberg, “Russia’s New Cyberwarfare in Ukraine is Fast, Dirty, and Relentless,” November 10, 2022.
Canadian Centre for Cyber Security, “Cyber Activity Impacting CISCO ASA VPNs ,” April 24, 2024.
Canadian Centre for Cyber Security, “Joint advisory on PRC state-sponsored actors compromising and maintaining persistent access to U.S. critical infrastructure and joint guidance on identifying and mitigating living off the land,” February 7, 2024; Australian Cyber Security Centre, “Identifying and Mitigating Living Off the Land Techniques,” February 8, 2024.
Cybersecurity and Infrastructure Agency, “ PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure,” February 7, 2024; Gabby Roncone et. al.,“APT44: Unearthing Sandworm,” Mandiant, April 17, 2024.
Ken Proska et. al., “Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology,” Mandiant, November 9, 2023; Andy Greenberg, “Sandworm Hackers Caused Another Blackout in Ukraine – During a Missile Strike,” Wired, November 9, 2023.
The President’s National Security Telecommunications Advisory Committee, “NSTAC Report to the President. Addressing the Abuse of Domestic Infrastructure by Foreign Malicious Actors,” September 26, 2023.
United States Department of Justice, “Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU),” February 15, 2024; Canadian Centre for Cyber Security, “Cyber threat bulletin: Cyber Centre urges Canadians to be aware of and protect against PRC cyber threat activity,” June 3, 2024.
Andy Greenberg, “Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities,” Wired, April 17, 2024; United States Department of the Treasury, “Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn,” July 19, 2024; National Cyber Security Centre, “Heightened threat of state-aligned groups against western critical national infrastructure,” May 1, 2024; Cybersecurity and Infrastructure Security Agency, “Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity,” May 1, 2024; Mauro Vignati, “Civilian hackers blur the lines of modern conflict,” Binding Hook, December 13, 2023.
Daniel Kapellmann Zafra et al., “Global Revival of Hacktivism Requires Increased Vigilance from Defenders,” Mandiant, June 27, 2024; Akinobu Iwasawa, “Israel-Hamas war draws Russian, Indian ‘hacktivists’ into shadow conflict,” Nikkei Asia, October 27, 2023; Canadian Centre for Cyber Security, “Alert – Risk of malicious cyber activity against Ukraine-aligned nations,” February 24, 2023; Canadian Centre for Cyber Security, “Alert – Distributed Denial of Service campaign targeting multiple Canadian Sectors,” September 15, 2023.
Dylan Robertson, “Cyberattacks hit military, Parliament websites as India-based group targets Canada,” CBC News, September 28, 2023.
Radware, “Hacktivism Unveiled, April 2023 Insights Into the Footprints of Hacktivists,” April 21, 2023.
Eric Schmidt, “ AI , Great Power Competition and National Security,” Daedalus (2022) 151 (2): 288-298; Peter Brennan and Chris Hudgins, “Market-leading US companies consolidate power in era of ‘superstar’ firms,” S&P Global, January 17, 2023.
Belle Lin, “CDK Global Hack Shows Risk of One Software Vendor Dominating an Industry,” Wall Street Journal, June 29, 2024; Bastian Benrath, “ AI Risks to Financial Stability Are Already a Central Bank Worry,” Bloomberg, May 7, 2024; Drew Bagley, “Achieving Ecosystem-level Cybersecurity: A U.S. Policy Perspective,” Crowdstrike Blog, June 11, 2024; Jeanette MAnfra and Charley Snyder, “CSRB report highlights the need for new approaches to securing the public sector,” Google, May 20, 2024; Office of the Superintendent of Financial Institutions, “Third-Party Risk Management Guideline”.
Tianjiu Zuo, Justin Sherman, Maia Hamin, and Stewart Scott, “Critical Infrastructure and the Cloud: Policy for Emerging Risk,” DFRLab, July 10, 2023; Microsoft Corporation, “Form 10-Q for the Quarterly period ended December 31, 2023”; Cybersecurity and Infrastructure Security Agency, “SVR Cyber Actors Adapt Tactics for Initial Cloud Access,” February 26, 2024.
Microsoft Threat Intelligence, “Midnight Blizzard: Guidance for responders on nation-state attack,” January 25, 2024; Microsoft Corporation, “Form 10-K For the Fiscal Year Ended June 30, 2023”; Alphabet Inc. “Form 10-K for the Fiscal Year Ended December 31, 2023”; Felix Richter, “Amazon Maintains Cloud Lead as Microsoft Edges Closer,” Statista, May 2, 2024.
Eric Geller, “The US Government Has a Microsoft Problem,” Wired, April 15, 2024; Cybersecurity and Infrastructure Security Agency, “Emergency Directive 24-02: «Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System,” April 2, 2024.
Cyber Safety Review Board, “Review of the Summer 2023 Microsoft Exchange Online Intrusion (PDF),” March 20, 2024; Lionel Sujay Vailshery, “Market share of major office productivity software worldwide in 2024,” Statista, February 9, 2024; UnitedHealth Group Incorporated, “Form 8-K (Amendment No.1),” February 21, 2024; Belle Lin, “CDK Global Hack Shows Risk of One Software Vendor Dominating an Industry,” Wall Street Journal, June 29, 2024; Jonathan Greig, “Multiple car dealers report disruptions to SEC due to cyberattack on software company,” The Record, 24 June 2024; Brookfield Business Partners, Corporate Profile (PDF), February 2024; AutoCanada, “AutoCanada provides update on CDK cyber security incident,” July 4, 2024.
Dan Geer, Eric Jardine and Eireann Leverett, “On market concentration and cybersecurity risk,” Journal of Cyber Policy, (2020), 5:1, 9-29.
Cyber Safety Review Board, “Review of the Summer 2023 Microsoft Exchange Online Intrusion (PDF),” March 20, 2024.
Matthew Schwartz, “Microsoft Azure Cloud Service Fails to Withstand DDoS Attack,” Gov Info Security, July 31, 2024.
Microsoft, “Mitigation Statement – Azure Front Door – Issues accessing a subset of Microsoft services, Tracking ID: KTY1-HW8,” July 30, 2024; Eduard Kovacs, “Microsoft Says Azure Outage Caused by DDoS Attack Response,” SecurityWeek, July 31, 2024.
United States Department of Defence, “Deputy Secretary of Defence Kathleen Hicks Keynote Address: ‘The Urgency to Innovate’ (As Delivered),” August 28, 2023; Amy B. Zegart, “American Spy Agencies are Struggling in the Age of Data,” Wired, February 2, 2022; Audrey Kurth Cronin, “How Private Tech Companies are Reshaping Great Power Competition,” The Kissinger Center Papers, August 2023; United States Space Force, “U.S. Space Force Commercial Space Strategy: Accelerating the Purposeful Pursuit of Hybrid Space Architectures,” April 8, 2024; Jonathan Horowitz, “One click from Conflict: Some Legal Considerations Related to Technology Companies Providing Digital Services in Situations of Armed Conflict,” Chicago Journal of International Law, Vol. 24, No. 2, Winter 2024.
National Counterintelligence and Security Center, “Safeguarding the US Space Industry,” August 18, 2023; Palantir Technologies Inc., “Form 10-K Annual Report for the fiscal year ended December 31, 2023”.
Reuters, “Russia warns West: We can target your commercial satellites,” October 27, 2022; Paul Mozur and Adam Satariano, “Russia, in New Push, Increasingly Disrupts Ukraine’s Starlink Service,” The New York Times, May 27, 2024.
Global Affairs Canada. “Statement on Russia’s malicious cyber activity affecting Europe and Ukraine,” May 10, 2022; Paul Mozur and Adam Satariano, “Russia, in New Push, Increasingly Disrupts Ukraine’s Starlink Service,” The New York Times, May 24, 2024.
Sam Fleming, Demetri Sevastopulo, and Clair Jones, “How national security has transformed economic policy,” Financial Times, September 4, 2024; Rush Doshi, The Long Game: China’s Grand Strategy to Displace American Order, (New York: Oxford University Press, 2021); Elias X. Huber, “Technology Controls to Contain China’s Quantum Ambitions Are Here,” Lawfare, August 22, 2024.
Parag Khanna, “The Coming Entropy of Our World Order,” NOEMA, May 7, 2024.