More than 1,700 cybercrimes reported in Calgary last year, police say

Last year, more than 1,700 crimes reported in Calgary had a cyber component, according to police, and of those half were related to fraud or identity theft.

Half of reported cases related to fraud or identity theft

Staff Sgt. Cory Dayley is with the Calgary Police Service's cyber/forensics unit. (Michael Symington/CBC)

Last year, more than 1,700 crimes reported in Calgary had a cyber component, according to police, and of those half were related to fraud or identity theft.

On Thursday, police held a cybersecurity session for local businesses to teach them how to prepare for cyberattacks.

"We can stop calling it cybercrime, it's crime. It's the new age of crime," said Staff Sgt. Cory Dayley.

Dayley said that so far this year, there have been more than 40 cases of either a business's email being compromised, or an organization facing some sort of online ransom demand. 

About 100 people from 40 to 50 businesses around Calgary attended the session, including people from the energy, finance, healthcare and technology industries.

"The appetite for this type of content is huge," Dayley said. 

High cost of cyberattacks

Cyberattacks can be devastating to companies that aren't prepared.

In 2016, the University of Calgary paid $20,000 in response to a ransomware attack on the school's computer systems. The same year, Cowboy's Casino was hacked, leaking the information of 14,000 patrons and staff online.

Police said that in 2017, one of the businesses targeted by phishing was a small medical office. An employee clicked a malicious link in an email, which installed ransomware on all of the network's computers. The business was asked to pay $20,000 to unlock patient files. 

"It could absolutely cripple a company or put them out of business," Dayley said. "If you don't have a plan, you need one.… It's not a matter of 'if' anymore, it's a matter of 'when this day comes.'"

A representative of cybersecurity company Cybis gives a lecture on how businesses can think like an attacker. (Michael Symington/CBC)

Experts from cybersecurity agency Cybis presented on how organizations can think more like an attacker, and how they can be more resilient. 

Paul McGhee of Convergent Technologies said his physical security business added a whole division to tackle online threats.

"That's how monstrous the situation is, we've modified our business," he said.

McGhee suggested companies put policies in place, and institute a few basic rules to prevent disasters, like not inserting insecure thumb drives into computers, and regularly changing passwords.