On June 6, 2023, Radio Canada broadcast an interview with Sami Khoury, head of the Canadian Center for Cybersecurity, during the 35th annual FIRST (Forum of Incident Response and Security Teams) conference. He addressed a recent report outlining the five main cyber threats looming over Canada: ransomware, critical infrastructure hacking, State-sponsored attacks, disinformation and AI.
He recognizes ransomware constitutes “the number one threat we face”, but refuses to throw in the towel over the increasing complexity of cybercriminal tools. On the contrary, he calls for constant vigilance and strengthening the Canadian people’s cyber culture in order to nip these attacks in the bud.
Moreover, Sami Khoury confirmed that a cyber incident hit critical infrastructure in Canada this year. Fortunately the attack was thwarted without causing any material damage. Up until then, Canada’s doctrine in terms of critical infrastructure had been, according to him, the following: “as long as Canada is not involved in military operations, foreign threats will not become a reality.”
“The incident I am referring to may demonstrate the contrary. Therefore we will have to pay closer attention and figure out if this is an isolated incident or if it is part of a larger trend that should be of concern to us,” added Sami Khoury.
The CCC’s report also predicts an inevitable rise in “misinformation, disinformation and mal-information” over the next few years. The CCC is therefore raising awareness on a large scale to encourage Canadians to get their information from reliable sources.
“This tactic was also used by States, as we have seen with the conflict in Ukraine, and the Russians have even used it against Canada. This led us to declassify information to prove that what had been broadcast wasn’t true,” he explained.
Finally he acknowledges that artificial intelligence poses cybersecurity problems, particularly due to the “speed with which this technology has evolved and the complexity of new models.” The CCC will thus launch a widespread campaign on the risks of language models such as ChatGPT, and carefully study their fraudulent use.
“Cybersecurity must be part of our daily lives, and we must keep mentioning it until we take all the necessary precautions without even having to think about them,” hopes Sami Khoury.