Menu

Cybersecurity Centre

CYBERSECURITY CENTRE OF EXCELLENCE IN SURREY

The goal is to create a Cybersecurity Centre of Excellence in Surrey to focus on regional planning and program implementation to address and implement actions for cybersecurity workforce, economic development and infrastructure ecosystems through collaboration with industry, academia and government agencies. The Surrey Board of Trade is leading the ecosystem to support the growth of the cyber industry, promote cybersecurity in Surrey and in BC.

As we confirm funding for an economic feasibility study, programs, advocacy, business relocation/co-location have already occurred and are in progress.

For more information: Anita Huberman, President & CEO, Surrey Board of Trade anita@businessinsurrey.com

SCAMS TO NOTE

BE AWARE OF SCAMS – FRAUD
Surrey RCMP is advising the public of the most common scams occurring in our community and how to avoid becoming a victim.

In 2023, Surrey RCMP received 229 reports of fraud involving cryptocurrency with total losses of over $12,000,000 to Surrey residents. The majority of frauds were related to investment scams.

In these scams, victims were introduced to cryptocurrency-related investments via social media, phone calls, online advertisements, and online dating platforms. Using spoofed websites and mobile applications with fake trades and profits, the victims are encouraged to invest money on the investing platform. When the victim attempts to withdraw their investments, they are typically asked for more money for taxes and other fees. Eventually the scammer stops communicating with the victim and the victim realizes they have been defrauded of all the money they believed they were investing.

This year, in January and February, the Surrey RCMP has received 50 reports of fraud involving cryptocurrency with losses of over $3,200,000.

Other Scams of Note

Job Scams
There has also been a significant increase in job scams involving cryptocurrency with 18 reports to the Surrey RCMP in 2024.
The job scams involve the scammers impersonating legitimate companies and asking the applicant for payment of supplies or to begin training. These fake jobs are often for reviewing products, websites or crypto trading and will request funds to be sent in cryptocurrency with promises to send money back to the victim.

Job scams may also involve receiving e-transfers, wire transfers, or cheques as part of the job, and the victim is asked to send the money to the ‘employer’. This is referred to as a ‘money mule’ and is used by organized crime groups to launder proceeds of crime.

Grandparent Scam
Scammers call seniors claiming to be family members or police and need immediate bail money to release a family member. The scammer will often send someone to their residence to collect the payment via cash, credit card, or debit card. The RCMP and courts will never call and ask for money, or send a courier to collect money. Bail payments or fines are paid at a police station or courthouse.

Rental Scams
Scammers will ask prospective renters for deposits to be sent by e-transfers without meeting in person or viewing the property. The postings are often AI generated and use information from other listings. Do not provide a deposit without signing a tenancy agreement and confirming the property owner’s identity.

Bank Scams
The fraudster impersonates a bank employee to ask you to assist in an investigation or advises there has been illegal activity with your bank account. Often the scammer will request money to be sent via crypto or gift cards. Do not send any money and attend your local bank branch.
Cellphone Scams

Phone calls and texts are received from spoofed phone numbers with someone pretending to be from a phone company and offering deals on iPhones. The fraudsters use these scams to gather personal and financial information to commit fraud and identity theft.

Fake Bank Drafts
Buyers of vehicles and luxury items, such as watches and designer handbags are providing bank drafts as payment. A recent surge in reports of fraudulent drafts has been reported where these bank drafts appear authentic and are of such high quality, they are often unnoticed by banks as being counterfeit. For these types of payments, it is recommended to attend the issuing bank with the purchaser to be able to confirm the validity of the bank draft.

What you need to know
The BC Securities Commission offers resources to help protect against investment fraud on their website: investright.org. The website provides insights and resources to educate and protect investors in BC, including the Investment Caution List – https://www.investright.org/tools-resources/enforcement/investment-caution-list/, a searchable list of unregistered and unqualified Investments being offered in BC.

Websites, email addresses and phone numbers are often spoofed. Exercise caution and always take a close look at spelling and for variations of the legitimate business names and websites.

If you have provided personal information, such as your Driver License, Passport, or SIN number; contact Equifax and TransUnion, the two main credit bureaus in Canada to prevent potential fraud. It is important to monitor your credit report for signs of identity theft and check for any unauthorized credit checks or applications.

For a list of current scams, or to report fraud online, visit the Canadian Anti-Fraud Centre. https://antifraudcentre-centreantifraude.ca/index-eng.htm

NEWS

Surrey Board of Trade and CyberCatch Partner to Support Surrey Businesses with Solution to Comply with National Cybersecurity Standard of Canada

RECORDING TO EXPLAIN PROGRAM

CAN/CIOSC 104 is Canada’s National Standard for Baseline Cyber Security Controls for SMOs and Businesses Should Comply

Surrey, British Columbia – March 31, 2022 Surrey Board of Trade and its member CyberCatch announced the introduction of CAN/CIOSC 104 Compliance Manager, an innovative, cost-effective cybersecurity Software-as-a-Service (SaaS) solution, to businesses in Surrey.

CAN/CIOSC 104 is Canada’s new national standard for baseline cyber security controls for small and medium sized business organizations (SMOs). The Standard was published by Canada’s CIO Strategy Council with support from Standards Council of Canada (SCC) to help SMOs. The national standard is specifically tailored for SMOs and prescribes up to 55 cybersecurity controls to mitigate cyber risk so the SMO can operate successfully in the digital world.

The CAN/CIOSC 104 Compliance Manager is a state-of-the-art cybersecurity SaaS solution, powered by CyberCatch. The solution comprises of a toolset to implement the necessary cybersecurity controls, with the help of a team of industry-leading cybersecurity experts. It also provides training to all employees and automatically and continuously tests controls so the SMO can fix security holes so an attacker cannot exploit and break in and steal data or infect ransomware.

“The Surrey Board of Trade is pleased to take the lead in Canada and partner with CyberCatch to introduce an innovative and comprehensive cybersecurity solution to businesses in Surrey, especially as we have seen so many cybersecurity concerns that businesses have and will continue to face,” said Anita Huberman, President & CEO, Surrey Board of Trade. “We will encourage businesses in Surrey to adopt the standard so they can stay safe and continue to be successful.”

The Small and Medium-Sized Businesses Vulnerabilities Report (SMBVR) revealed that 84% of SMOs in Canada are vulnerable to ‘spoofing’ and can easily be attacked digitally.

“Our mission at CyberCatch is to protect businesses from cyber threats so they can be safe, thrive digitally and grow the economy,” stated Sai Huda, Founder, Chairman and CEO, CyberCatch. “SMOs in Surrey can easily and cost-effectively comply with CAN/CIOSC 104 and maintain compliance and security. Our team of industry-leading cybersecurity experts will guide SMOs to cybersecurity success.”

The Surrey Board of Trade and CyberCatch will deliver an educational webinar on Canada’s new national standard and how businesses can comply and mitigate cyber risk on April 27, 2022, from 10:00 am – 11:00 am. Register at businessinsurrey.com.

For more on CAN/CIOSC 104 Compliance Manager, watch a demo and download a copy of a brochure, visit website.

About Surrey Board of Trade

Surrey Board of Trade, also known as the Surrey Chamber of Commerce, is a not-for-profit organization serving over 6,000 member business contacts, representing over 60,000 employees, in Surrey, Canada. The city-building business organization attracts business to Surrey and supports businesses in Surrey. They provide businesses and other organizations with economic opportunity, workplace development and education, international trade, government advocacy and business connections. Surrey is undergoing rapid development. Residential, commercial, industrial, and institutional development has accompanied significant population and employment growth. Surrey will be the largest city in BC within the next 10 years, growing by 1200-1400 people a month. For more information on Surrey Board of Trade, visit website.

About CyberCatch

CyberCatch is a unique cybersecurity Software-as-a-Service (SaaS) company that protects small and medium-sized businesses (SMBs) from cyberattacks by focusing on the root cause of why SMBs fall victim: security holes. It provides an innovative cloud-based SaaS platform coupled with deep subject matter expertise to help SMBs implement just the right type and amount of cybersecurity controls. The platform then performs automated testing of controls from three dimensions: outside-in, inside-out and social engineering. It generates the Cyber Breach Score to continuously measure cyber risk, and finds security holes and guides the SMB to fix them promptly, so attackers can’t exploit any missing or broken controls to break in and steal data or infect ransomware. CyberCatch’s continuous value proposition: Test. Fix. Secure. For more information, visit website.

Media Contact
For CyberCatch
Scott@PRMediaNow.com

ADVOCACY

The Risks of Cyber Crime — Electronic and Digital Issues

From the individual consumer to large corporations, cyber crime has cost the Canadian economy up to $3.12 billion dollars annually. The cost of protecting oneself and one’s business from being detrimentally affected is escalating; as precious resources are used for security, it is a barrier to economic growth.

Cyber crime is not a new phenomenon, but there is still a lot to learn in order to effectively respond to the threat. The nature of cyber crime continues to change faster than public institutions can fully understand them, regulate them and mobilize against them. For example, one of the most prolific and damaging cyber scams seen is the Business E- mail Compromise (BEC) scam which primarily targets businesses of various sizes and affects countries all over the world. Although the BEC scam is primarily a sophisticated social engineering scam, the BEC scam has cost victims over $1 billion to date.

According to the National Cyber Security Alliance, one in five small businesses are hit by cyber crime annually. In 2013, cyber attacks on small businesses rose 300% comprising 31% of all targeted attacks. Small businesses are particularly vulnerable without the resources to combat such attacks such as Remote Access Trojans used by criminals who were able to alter their online or payment terminals. On a larger scale, cyber criminals often target smaller business that have partnerships with larger organizations for the purpose of back door access to the larger partner’s stores of more valuable personal data, critical infrastructure and intellectual property. 71% of cyber crime attacks happen to small businesses, which do not have the same security levels as larger organizations. Almost half of small businesses have been victim of a cyber attack with the hackers seeking credit card credentials, intellectual property, and personally identifiable information.

Even governments are not safe. Since 2010, Public Safety Canada has spent $245 million on defending government computer networks, safeguarding critical infrastructure and educating the public.

Currently, there are no federal laws to require companies to disclose hacks, security breaches, thefts of data or money, so the general public has incomplete knowledge of which companies have been compromised. There are several models used elsewhere which can be adapted for Canada. For example, Australia’s ACORN program (Australian Cyber crime Online Reporting Network) collects citizen complaints so that police and industry can monitor trends, thwart organized criminal groups and arrange incidents for further investigation. Canada does have a Spam Reporting Centre and a government operated Canadian Anti-Fraud Centre, but neither is equipped to handle the exploding array of cyber-scams and malware that are targeting home and business computers.2

The Surrey Board of Trade has been leading awareness of, and action against, cyber crime for several years, recent recommendations requested that the federal government:

  1. Establish a centralized mechanism for the mandatory reporting of designated cyber security incidents to enable quantification of the potential damage to the Canadian economy.
  2. Establish a national educational program to increase awareness, among children, of cybercrime and prevention programs for introduction into school curricula.
  3. Establish a website to act as a clearing house for the most current information on cybercrime in Canada, for public information and education, with monitored links to similar central information points around the globe
  4. Cyber crime is occurring exponentially in keeping with the growth of the digital marketplace. The federal strategy is focused primarily on national security threats and does little to combat the dramatic growth in email scams, online extortion and breaches at corporate computer networks. It will require all levels of government, RCMP and business to play a part in reducing and eliminating cyber crime in a coordinated strategy.

Recommendations
That the federal and provincial governments work in a coordinated way with stakeholders and business to:

  1. Increase integration amongst governments and policing agencies on cyber crime to effectively punish cyber criminals
  2. Promote digital literacy by establishing best practices for cyber resilience, including education on more sophisticated and specialized crime
  3. Invest additional financial and skilled human resources to the national cyber-security centre set up by government, industry and policing agencies to help investigate and warn the public about new and emerging cyber-threats

RESOURCES

Strengthening Canada’s Digital Defences – A Cybersecurity Playbook