Connect with us

Hi, what are you looking for?



Number of C&C Servers Hosted in Canada Jumped 83 Percent: Websense

Websense Report on Canadian Cybercrime Shows Increase in Advanced Malware and C&C Behavior, Decrease in Hosted Phishing

Websense Report on Canadian Cybercrime Shows Increase in Advanced Malware and C&C Behavior, Decrease in Hosted Phishing

Websense, the publicly traded security firm that recently announced it would be taken private in a buyout, today released its third annual “Canadian Cybercrime Report Card”.

“Overall, we’re continuing to see growth in malicious Canadian websites,” the report said. “This could be because the tech barriers to creating a website continue to decrease, resulting in a large portion of today’s webmasters not securing their machines properly. It could also be the result of a hosting company or ISP compromise, which is most likely why the Isle of Man is ranked number five on this list.”

Websense Logo“Canadian cybercriminal activity is quickly evolving and taking on more nefarious forms,” said Carl Leonard, senior manager of security research for Websense. “Hackers are moving away from the broad ‘spam everyone’ approach because it only yields cents on the click. They’ve set their sights on much more targeted attacks where social engineering of the actual user can turn into millions of dollars in potential criminal profit.”

Key Findings from the report include:

25 percent increase in malware hosting: Malware hosting on Canadian websites increased 25 percent year-over-year. In the last three months, Canada claimed the number 10 position for all countries hosting malware. There are several reasons for this increase ranging from compromised ISPs to large-scale compromises of Canadian sites built on vulnerable content management platforms like WordPress.

83 percent increase in C&C hosting: In the last year, the number of C&C servers on Canadian soil has increased 83 percent and moved Canada to the eighth spot on the current 2013 global cybercrime list.

67 percent decrease in hosted phishing sites: Over the last two years, hackers and spammers have targeted Canada’s trusted soil and servers for hosted phishing sites. However, in the last year, phishing decreased by 67 percent. Even with the broad decrease in phishing sites, in the first quarter of 2013, Canada is currently fourth on the global cybercrime list for hosted phishing sites.

Advertisement. Scroll to continue reading.

Third largest volume of hosted advanced malware C&C servers: Websense monitored the type of advanced malware used in the most sophisticated corporate espionage incidents and found that Canada hosts a disproportionate volume of advanced malware command and control servers. In fact, last year Canada hosted the third largest volume of servers communicating with the type of highly sophisticated malware responsible for stealing valuable corporate data. That is ahead of Korea, Germany, Russia and even China.

Cybercriminals are shifting their activities to countries like Canada that have strong infrastructure and traditionally have had better cyberreputations, the report explained. While the perpetrators may not be in Canada, Canadians are aiding this problem by hosting these activities.

“Malware authors don’t do things that are predictable,” said Fiaaz Walji, Websense Canadian country manager. “They have more success with their malicious plots by disguising their transfers from a ‘trusted’ server in Canada, as opposed to Russia, China or other countries with established cybercriminal activity. Organizations need a unified solution that integrates web, data, email, mobile and cloud security to stop advanced data stealing attacks and secure IP better than their competitors.”

Websense also voiced concern over the lack of action from Canadian authorities and law enforcement, noting that malicious sites in Canada seem to stay up longer than in other countries.

“Different laws and resources impact these takedowns,” the report said. “However, it’s important to remember that takedowns take a long time—often 12 to 24 months. And, by this time, many cybercriminals have moved elsewhere. Therefore, long-term policies must be considered. The public and private sector need to work together to effectively make this happen.”

A full copy of the report can be downloaded here

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...