Canadians are actually wiser than most of their foreign counterparts when it comes to cybersecurity, new research suggests.
We have a higher cybersecurity IQ score, so to speak, than the global average when it comes to grasping the risks of cybercrime and how to protect ourselves from it, according to the Norton 2012 Cybercrime Report from Symantec. Only 21 per cent of the 500 Canadians surveyed “don’t understand the risk of cybercrime or how to protect themselves online,” the study said. That’s lower than the global average of 28 per cent.
Canadians also fare better in spotting malware and other types of cybercrime. Although 49 per cent of global respondents “agree that unless their computer crashes or goes slow (sic), it’s hard to know if they’ve been a victim of cybercrime,” only 42 per cent of Canadians downplayed the risk in the same way. And just 34 per cent of Canadians “do not know that malware can operate behind the scenes in a discreet fashion” compared to 40 per cent in the rest of the world.
As for why Canadians seem wiser about cybercrime and how to prevent it, one Norton official really isn’t sure why.
“It would be difficult for me to suggest why. It’s not that far off trend. It’s slightly lower,” said Marian Merritt, Norton’s Los Angeles-based Internet Safety Advocate.
Besides showing a potential Canadian superiority in cybersecurity, the report also highlights the shift in online criminal activity to newer mobile and social networks. The incidence of mobile vulnerabilities in 2011 doubled from 2010. And 40 per cent of all social network users globally said they have fallen victim to cybercriminals while using social media.
“There’s a trend away from traditional desktop cybercrime” towards crime targeting mobile devices and social media use, Merritt said.
The increase in threats targeting mobile devices also shows up in the latest Second Quarter Threats Report released Tuesday by McAfee.
“After the mobile malware explosion in Q1 2012, Android malware shows no signs of slowing down,” the McAfee report states. “Virtually all new mobile malware detected in Q2 2012 was directed at the Android platform and was comprised of SMS-sending malware, mobile botnets, spyware and destructive Trojans.”
The McAfee study also warns of an uptick in the use of Twitter to distribute mobile botnets: “The attacker can tweet commands with relative anonymity and all infected devices will follow them.”
Although cybercriminals are targeting mobile and social networks more often, consumers don’t seem to realize it or adequately respond to it. Even though one fifth of global respondents in the Norton study have already been a victim of cybercrime on social networks, less than half of all respondents – 44 per cent – use a security tool to protect them while on social media sites.
“Consumers just aren’t aware that cybercrime is moving (to social networks),” Merritt said. “Cybercrime of this changing nature isn’t as readily recognized as someone knocking you down in the street and taking your purse…(People) just don’t view it the same way they view a readily visible form of crime.”
With the bring your own device (BYOD) trend seeing more people using the same mobile device for personal and work purposes, will all of this risky behavior on mobile devices and social media sites ramp up the incidence of cybercrime in both consumer and enterprise networks? Not necessarily, Merritt said – as long as enterprise IT managers remain vigilant.
“The nature of the BYOD trend brings these new security issues in to the workplace. But on the enterprise side, IT managers are stepping up to the plate recognizing (the new risks) with the mobile workplace,” Merritt said.
That means most businesses are putting new IT security policies into place specifically aimed at protecting their networks from BYOD intruders. Some of those policies include employers setting up secured access to business networks among all employees regardless of their device, or “maybe specifying devices, maybe specifying operating systems” which staff must use at all times in order to access those networks, Merritt said.
Overall, the Norton report estimates the global cost of cybercrime in 2011 at $110 billion or $197 per person. In Canada the total cost of cybercrime was $1.4 billion or $169 per person. Just over 13,000 people were surveyed from 24 countries including Canada, the U.S., China, Brazil and Russia.