Archive for NordVPN

Guest Post: Romance Scams Are On The Rise and Victims Need Support Says NordVPN

Posted in Commentary with tags on March 5, 2021 by itnerd

Cybercriminals exploit emotions and stressful situations for financial gain mainly. Thus, romance scams and cyberbullying are reported to be among the most common of cybercrimes. The fact that victims do not always seek help inflates the activity even more.

According to Cybercrime Support Network, romance scams and cyberbullying are the top most visited topics on FraudSupport.org. Meanwhile, Federal Trade Commission reports that in 2019, approximately $201 million were lost due to romance scams – almost 40% more than in 2018.    

Kristin Judge, CEO and Founder of Cybercrime Support Network, notes that victims of the aforementioned crimes often remain silent. “Not only are these types of cybercrime common, but can be very emotionally triggering. We understand that it can be difficult for victims of cybercrime to seek help.  It’s important to remember that you are not alone.” 

Romance scams are often long-term strategies, luring victims into believing they are in a long-distance relationship. The scammer will tell stories of personal financial hardships or medical emergencies. They hope that the victim will feel obligated or willing to help them financially. Scammers are searching for victims on dating sites and apps. 

Emotionally Charged Messages are Red Flags

Cybercriminals use social engineering techniques that evoke an emotional act on impulse. Judge says, “Cybercrime and online fraud can affect anyone, at any age, in any profession. If you receive a phone call, email, or text that uses urgent language like ‘act now!’ or ‘respond immediately,’ consider it a red flag.” 

As Daniel Markuson, the digital privacy expert at NordVPN, notes, the best thing is to stay informed about the newest scams. “Scammers are always looking out for new ways to lure people into their traps. And yet, emotions and lack of awareness are the universal weakness. Increase of scams surrounding the social turbulence and lockdown nowadays is just another proof of cybercriminals’ use of peoples’ vulnerabilities”.

Markuson advises always to double-check the sender and never download nor click on anything that you are not sure about. Scammers can rush internet users into taking harmful actions by pretending to be friends, family members, or colleagues. If you or someone you know has been impacted by cybercrime, visit FraudSupport.org for free resources.

Guest Post: NordVPN Discusses The Top 10 Biggest Data Breaches Of 2020

Posted in Commentary with tags on January 20, 2021 by itnerd

 

Last year, hackers were as active as never before, taking advantage of users’ vulnerabilities and the economic disruption amid the global COVID-19 pandemic. 

The number of cyberattacks is growing steadily every year, and 2020 was again the year that saw a great peak in cybercrime. According to the Risk Based Security report, 2,953 breaches were publicly reported in the first three quarters of 2020 alone, bringing the number of exposed records to a staggering 36 billion. In comparison, there were 15.1 billion records breached throughout the entire year of 2019.

“The still ongoing pandemic has drastically altered the way people work, shop, communicate, and entertain themselves,” explains Daniel Markuson, a digital privacy expert at NordVPN. “Our lives had to move online, making us leave more digital footprint, which has been attracting all types of scammers, fraudsters, and hackers who look for security vulnerabilities to exploit.”

Out of the enormous number of data breaches that happened in 2020, NordVPN experts picked the top 10 biggest leaks in terms of the data volume. The list includes leaky databases that were not necessarily breached per se but exposed sensitive data to the public. Some of the data breaches outlined below might have happened some years ago but surfaced only in 2020.

10. Unknown (201 million). In January, security researchers found a database of more than 200 million sensitive personal records exposed online. The leaky database with an undetermined owner was hosted on a Google Cloud server and consisted of highly sensitive personal and demographic data about US residents and their properties with names, addresses, email addresses, credit ratings, income, net worth, property market value, investment preferences, and other explicit details. It remains unknown if any unauthorized parties accessed the dataset, which was considered to be a gold mine for cybercriminals. Google was alerted about the case, and, after more than a month, the exposed server was taken offline.

9. Microsoft (250 million). In January 2020, Microsoft disclosed a data breach on its servers storing customer support analytics. The breach took place in December of 2019. 250 million entries, including email addresses, IP addresses, and support case details were accidentally exposed online without password protection. The leaky database consisted of five ElasticSearch servers, which are used to simplify search operations. Misconfigured security rules were blamed for the accidental server exposure, which Microsoft swiftly fixed.

8. Wattpad (268 million). In June 2020, a database of more than 268 million records belonging to Wattpad, a Canada-based website and app for writers to publish new user-generated stories, was breached. The malicious actors compromised Wattpad’s SQL database containing user account credentials, email addresses, IP addresses, and other sensitive data. After the incident, the company reset its users’ passwords. 

7. Broadvoice (350 million). In October 2020, news surfaced that Broadvoice, the US VoIP provider to businesses, exposed more than 350 million customer records, such as names, phone numbers, and call transcripts, including voicemails left with medical outlets and financial services firms. 10 databases belonging to the company were easily accessible to security researchers due to a configuration error which left them open without any authentication required for access. Broadvoice patched the security flaw and notified the relevant legal authorities about the incident.

6. Estée Lauder (440 million). In January 2020, the US cosmetics giant Estée Lauder had its unprotected database containing 440 million internal records exposed online. Researchers who found the unencrypted database say the exposed information included email addresses, internal documents, IP addresses, and other information belonging to the company-owned education platform. Once made aware of the issue, the company closed the database off.

5. Sina Weibo (538 million). In March 2020, it was reported that the biggest Chinese social media platform called Weibo was breached, and personal details of more than 538 million users were up for sale on the dark web and other places online. The exact timing of the data breach is unclear, but there’s speculation that it might date back to 2019. The hacker claimed that the sensitive data, including 172 million users’ real names, gender, location, and even phone numbers, was obtained from an SQL database dump.

4. Whisper (900 million). In March 2020, news broke that a popular secret-sharing app Whisper left 900 million user records exposed online. Anonymous personal confessions and all the metadata related to those posts, including the location coordinates and other sensitive information, were publicly viewable on a non-password-protected database, which, if accessed by hackers, could result in user identification and blackmail. After the company was informed about the incident, access to the data was removed.

3. Keepnet Labs (5 billion). In March 2020, Keepnet Labs, a UK-based cybersecurity firm, experienced a cyber incident during which a contractor temporarily exposed a database containing 5 billion email addresses and passwords from previous data breaches. According to the threat intelligence company, which collects historic breach data to notify its business customers in case their data was compromised, it was migrating the ElasticSearch database and disabled the firewall for about 10 minutes to speed up the process. The risky decision enabled security researchers to access the data without a password via an unprotected port.

2. Advanced Info Service (8.3 billion). In May 2020, Advanced Info Service, Thailand’s largest GSM mobile phone operator, had to take down one of its databases following an alleged data breach. A security researcher found an open ElasticSearch database online containing 4TB of internet usage data, or 8.3 billion records. The sitting-to-be-found information, such as DNS queries and Netflow data, could be used to map a user’s internet activity. The leaky database is secure now.

1. CAM4 (10.88 billion). In March 2020, researchers found an unprotected ElasticSearch server of the adult video streaming website CAM4, which was leaking 7TB of data, or nearly 11 billion records. The exposed records included user sensitive information, such as full names, email addresses, sexual orientation, chat and email correspondence transcripts, password hashes, IP addresses, and payment logs. The database error was fixed, however it remains unknown if any hackers accessed the highly sensitive information of members of the adult site, who usually prefer to stay anonymous.

 

Guest Post: NordVPN Discusses How Hackers Can Take Male Chastity Cage Users Hostage

Posted in Commentary with tags on December 8, 2020 by itnerd

Back in October The Verge reported that a niche IoT product allowing users to remotely lock and unlock a male chastity cage through an app has so many security flaws that hackers can take permanent control over the device and trap the victim’s genitals.

The vulnerability of IoT devices in general is a problem that presents a challenge not only for users’ personal lives, but also for companies they work for. As more and more users are working from home and connect to corporate infrastructures using the same Wi-Fi their household IoT devices are connected to, that also creates a gateway for hackers.

Since the IoT industry is in its infancy, almost all such devices have the potential to become cybersecurity risks. In the rush to bring them to the market, most manufacturers ignore security aspects.

All IoT owners are advised to take security measures upfront:

  • Change passwords if possible. Default factory passwords should be changed to strong ones containing capital letters, numbers, and symbols. Passwords should be different for each device.
  • Update all devices. Manufacturers often release updates that fix critical security vulnerabilities, and it’s important to install those updates as soon as they’re available.
  • Create an offline Wi-Fi LAN. Most IoT devices can operate on a LAN (local area network). Such local networks can connect smart devices inside one’s home without the need to connect to the internet.
  • Secure the router. Some routers can support VPN encryption. Routers with a VPN allow users to connect IoT devices in an office or at home. This, however, blocks all incoming communication, which may be inconvenient for users who want to control their IoT devices remotely.

Last year, researchers from a tech firm SEC Consult announced that the private sex life of at least 50,000 users had been exposed by a sex toy ‘Vibratissimo Panty Buster.’ Multiple vulnerabilities put at risk not only the privacy and data but also the physical safety of the owners. All customers’ data was accessible via the internet in such a way that explicit images, chat logs, sexual orientation, email addresses, and passwords were visible in clear text. But it’s not the worst part. The ‘Panty Buster’ toys could be hacked to remotely inflict sexual pleasure on victims without their consent.

“Of course, it doesn’t mean that, if something can be hacked, it will be. Many of these cases are still theoretical, but staying cautious would do no harm,” says Daniel Markuson, digital privacy expert at NordVPN.

Guest Post: NordVPN Has A Complete List Of Cybersecurity Tips Every User Must Follow: How Many Boxes Can You Check?

Posted in Commentary with tags on October 20, 2020 by itnerd

To the digital community, October is known as Cybersecurity Awareness Month. For the 17th time, the celebration continues to raise awareness of the importance of cybersecurity, online privacy, and digital hygiene in general.

Did you know that approximately 6.85 million accounts get hacked every day? This is 158 accounts per second! “Even though the statistics are shocking, every user can avoid the risk of becoming a target just by following the right cybersecurity practices,” explains Oliver Nobel, a data encryption specialist at NordLocker.

Repetition is the mother of learning, so it’s a good idea to go over the things you think you already know. The list below includes 22 key tips every computer and internet user should follow to protect themselves from becoming a victim of cybercrime.

  1. Use multi-factor authentication for an extra layer of security whenever possible.
  2. Create complex and unique passwords for your online accounts. Start using a password manager to help you generate strong passwords and store them in one safe place.
  3. Stay away from unsafe public Wi-Fi and use your mobile data instead. If you really need to connect to a public network, always use a VPN. A virtual private network encrypts all communications passing between your device and the internet so no outsider can intercept your traffic.
  4. Turn off the Wi-Fi on your device when you don’t use it. 
  5. Back up your data to a portable hard disk or cloud-based storage so you can always recover your information if it ever got lost.
  6. Disable Bluetooth when you don’t use it.
  7. Make sure your operating system is up to date both on your computer and smartphone.
  8. Enable your firewall. Most operating systems have a built-in firewall, which keeps outsiders from going through the data you keep on your computer.
  9. Make sure your antivirus is up to date.
  10. Buy and download apps and software only from official stores.
  11. Set your social media account to private. Before posting anything online, check who you’re sharing the information with. 
  12. Turn off geotagging to prevent your photos from including location-disclosing metadata.
  13. Don’t overshare online. Avoid posting your email, phone number, or home address on blogs, forums, and social networks when it’s unnecessary. Never share your emotions, intimate pictures, and vacation plans with strangers online.
  14. Don’t upload high resolution photos to social media platforms. Make sure to hide all the street names, building numbers, and any other information that can indicate your whereabouts.
  15. Encrypt the sensitive files you store on your computer and in the cloud. There’re easy-to-use file encryption tools that turn all your files and information into uncrackable codes that even skilled hackers can’t read without your permission.
  16. Shop only on secure websites. The address of a safe website should start with “https://” (often preceded by a padlock symbol), where the letter “s” stands for “secure.” 
  17. Look for telltale signs of a fake e-shop to avoid scams: poor website design, broken English, shady contact information, unclear return policies, poor customer reviews, and so on.
  18. Don’t open emails from unknown senders, as those might be phishing attempts.
  19. Don’t download any attachments from suspicious emails.
  20. Never click on scammy links. Always verify the sender and contents of the email before clicking on anything.
  21. Don’t use your work device for personal needs, and vice versa.
  22. When browsing online, always protect your data and location. Use a VPN, which hides your IP address and creates a virtual tunnel for your data to safely travel across the web.

NordVPN Introduces Colocated Servers

Posted in Commentary with tags on October 13, 2020 by itnerd

Following its promise to become faster, stronger, and more secure, NordVPN is proud to announce yet another upgrade to its infrastructure – the deployment of colocated servers. NordVPN is adding a private server network, wholly owned and controlled by the company itself. The custom-specific servers are expected to provide NordVPN users with an even higher level of security and privacy.

NordVPN’s first colocated servers are up and running in Finland. Several successful tests were run to make sure the new infrastructure operates at its best performance, provides high network speeds, and complies with top security standards.

Server colocation is just one of the many big steps in NordVPN’s product development progress. Only last week, AV-TEST, an independent provider of comparative tests, officially recognized NordVPN as the fastest VPN connection on the market. Furthermore, the company has just finished upgrading its entire infrastructure to RAM servers. Now, all NordVPN’s regular servers are RAM-based, which means that no information is stored locally. 

To continue staying ahead of the market-leading standards, NordVPN has recently undergone the second audit of its no-logs policies and became the first VPN provider to launch a public bug-bounty program. It’s also one of the founders of the VPN Trust Initiative, which is focused on creating industry guidelines and VPN business standards. 

NordVPN has recently announced a strategic partnership with Troy Hunt, a web security expert and the creator of Have I Been Pwned. Hunt is now a member of NordSec’s team of advisors who share their expertise and provide guidance on the company’s security and commercial practices. NordSec is a home for advanced security solutions, including the world’s most advanced VPN service NordVPN, the powerful file encryption tool NordLocker, the business VPN solution NordVPN Teams, and the next-generation password manager NordPass.

NordVPN Participates In Comprehensive VPN Industry Principles

Posted in Commentary with tags on September 30, 2020 by itnerd

NordVPN has committed to meeting the VPN Trust Initiative (VTI) Principles revealed today by the Internet Infrastructure Coalition (“i2Coalition”), the leading voice for web hosting companies, data centers, domain registrars and registries, cloud infrastructure providers, managed services providers and other foundational Internet technologies. 

The VPN Trust Initiative formally launched in December 2019 as a consortium of VPN business leaders focused on building understanding, strengthening trust and mitigating risk for VPN users and providers. The VTI is dedicated to ensuring VPN users gain the most benefits from this technology.

The VTI Principles offer a comprehensive set of best practices for VPNs providers to bolster consumer confidence and provider accountability and ultimately increase VPN adoption and access to the technology’s benefits. 

The VTI Principles have been informed by input from civil society and other outside experts to protect the privacy and security of VPN users, offer practical policy guidelines for VPN providers and ensure policymakers, regulators and the wider market have access to criteria for evaluating these technologies. The principles focus on five key areas: security, privacy, advertising practices, disclosure and transparency and social responsibility. 

As a leader in the VPN industry, NordVPN lends weight and credibility to the VTI Principles in its participation. 

The VTI formally launched in December 2019 as an industry-led and member-driven consortium of VPN business leaders focused on building understanding, strengthening trust and mitigating risk for VPN users and providers. The VTI is dedicated to creating and releasing resources to serve as a singular voice that provides appropriate and accurate industry-led stewardship. 

The founding five VTI members include: ExpressVPN; NordVPN; VyprVPN; Surfshark; and NetProtect (whose VPN brands include encrypt.me, WLVPN, SugarSync, IPVanish, StrongVPN, OverPlay, and SaferVPN). Companies that have since joined the initiative include Ivacy VPN, CloudFlare, Mysterium Network, GoldenFrog, Hide.me and WeVPN.

The VTI aims to reach consumers, legislators and technologists, promoting appropriate industry-led stewardship, providing accurate information to policymakers, informing the greater technology sphere and collaboratively establishing solutions to pressing VPN challenges.

To learn more about the VTI, please click here

To learn more about the i2Coalition and explore membership, please visit www.i2coalition.com

Guest Post: NordVPN Discusses Why Restricted Content On YouTube Is The Most Desired Among Canadians

Posted in Commentary with tags on September 25, 2020 by itnerd

The things people search for on engines like Google or Bing can tell a lot about how they live. New research by NordVPN reveals that video content on YouTube is the most desirable to unlock.

In total, 63,64% of Canadian internet users searching for how to unblock certain online services want to access content on YouTube. 

The rest of “unblock” searches from Canada are related to locked social media accounts due to forgotten login credentials or attempts to access Facebook, Instagram, or Snapchat in public places like schools, where the service is often restricted.

However, Canadians are half as concerned with unblocking Facebook than Americans — only 9.09% compared to 20.41% in the US.

“Globally, 82.7% of users are trying to access YouTube the most, but Google is also in high demand (5.7%). This proves that a substantial part of the world cannot enjoy unrestricted internet browsing. Not Canada, however, as the country is considered to have free internet. But content on YouTube still makes them feel at a disadvantage,” said Daniel Markusson, digital privacy expert at NordVPN.

Why do people look for how to unblock YouTube much more than other services?

Youtube is the second most popular website as of August 2020, with one billion hours of content watched daily. “Not surprisingly, some video content is not available in certain countries due to copyright or censorship. This makes people look for workarounds,” says Daniel Markusson.

First on the list is the US, accounting for 7.7% of all “unblock YouTube” searches.  The country is followed by India (6,5%) and Indonesia (5,3%).  Canada hits the top-10, with 0.62% of all searches worldwide.

Countries can be broken down into two groups: those that have little censorship over content on the internet and those where censorship prevails. 

Therefore, the reasons behind attempts to access blocked content on YouTube might be notably different. “One of the reasons behind “unblock YouTube” search volumes in Canada, the US, UK, Australia, and others are the result of students trying to bypass rules at school, where bandwidth is often blocked for YouTube. On the other hand, internet users from India and Indonesia are either trying to bypass censorship or overcome geo-restrictions imposed by content creators,” said Daniel Markuson.

Examples of censorship include Denmark blocking YouTube following a dispute over royalty fees and Germany blocking the service for 7 years on copyright grounds. Regimes are blocking the service to suppress the opposition. For instance, YouTube was censored in Venezuela during the presidential elections crisis back in 2019.

Methodology: NordVPN researchers used Google’s search term analysis tools to search terms including the keyword “unblock”.  Apart from global trends, search volumes were also checked by country. The analysis was based on search volumes over a period of 30 days.

Time frame: 15 June-15 July, 2020.

Additionally, researchers looked at the Freedom on the Net report 2019 by Freedom House to list the countries considered to be the most censored. 

Guest Post: NordVPN Discusses If Augmented Reality Will Harm The Influencer Business for Good

Posted in Commentary with tags on September 18, 2020 by itnerd

Gucci, an Italian luxury brand, is the first to get on the potential Generation Z market, shifting their efforts to Snapchat’s augmented reality (AR) shopping features. The app now offers lenses allowing users to virtually try on Gucci sneakers and purchase them directly through a “Shop now” button. 

As AR offers an effortless try-on of brand products, it technically eliminates intermediaries between brands and prospective consumers. This innovation makes Snapchat users self-influenced. 

Another iceberg approaching influencers’ fleet

The advertising industry values influencers for their ability to integrate brands into personal experiences in a way that speaks to their customers. People crave to have the same experience, which makes them want to buy things and eventually leads to successful sales. With the opportunity to self-influence by trying on lenses with different outfits, there is a chance that brands will no longer need influencers. Friends and family trying on designer pieces for free without leaving their apartment might become more inspiring and influential.

“There are multiple businesses that were once threatened by digitalization. Books, newspapers, and magazines were expected to vanish from the face of the earth, but are still here. What digitalization has done is created an omnichannel consumption and expanded audiences for the same products. The same might happen to online try-outs: they will become a convenient tool for making shopping decisions, but will not replace influencers. People will still be looking for ideas and inspirations outside their own imagination,” says Ruby Gonzales, Head of Communications at NordVPN.

The youth’s increased digital vulnerability 

As exciting as technology is, it has its own drawbacks. Snapchat reaches at least 105 million people a month in the United States alone, including over 90% of 13-24-year-olds and over 78% of 18-24 year-olds. According to Pew Research Center, Generation Z is the most vulnerable to phishing attacks.

“Every new tool means more sharing. Each shared picture is a disclosure of personal aspects of life, making people more vulnerable. Oversharing fuels cybercrime. It is advised to always think twice before taking a picture, making sure the snap doesn’t reveal the home address or other information that can be used to trace a person,” says Ruby Gonzalez.

Guest Post: NordPass Lists The 10 passwords That Haven’t Been Breached Yet

Posted in Commentary with tags on July 9, 2020 by itnerd

The password manager NordPass has listed 10 passwords that haven’t been breached yet. While these are not the only 10 passwords that haven’t been involved in a breach, security experts encourage users to take stock and follow (but not copy) the examples below to ensure that their personal data is secure. 

1.  UGr2@&589YpM

2.  #hS569Uryde*

3.  5E%CcE@5NCNv

4.  cZYS9K3&

5.  ^7Z$hVa^

6.  N!*dX5CJugZ4GSQ

7.  $KrCNqcXJ5EE

8.  4Tf$JbPCGpT#

9.  @*RbRAv2m4

10.  #43ZjeLG

“According to our research, a staggering number of people are still using blatantly  obvious and easy-to-guess passwords. The problem is compounded by the fact that people tend to reuse the same password for multiple platforms. This leads to millions of accounts being breached every year,” says Chad Hammond, security expert at NordPass.

At the end of last year, NordPass published a list of the 200 most popular passwords, which was compiled based on credentials leaked in data breaches. Independent researchers evaluated the database, which contains 500 million passwords in total. 

NordPass security expert Chad Hammond warns that although many people think they have nothing that hackers would find valuable or interesting, it is a common misconception. “Most of us use various online services, have access to internet banking, and shop online. The majority also have many accounts, such as email, Amazon, AliExpress, eBay, and many others. These accounts could be locked up for ransom or sold on the darknet. Just as an example, you can get a Netflix account for as little as $1.25. Subsequently, these accounts could be used in such activities as spamming, carding, and fraud.”

So, how do you secure your account tightly and what makes a good password? “The main quality of a strong password is length — it shouldn’t be short. Also, it should have upper and lower case letters, as well as numbers and symbols. We also encourage users to ditch any ties to their personal information and avoid using words you can find in a dictionary,” says the security expert at NordPass. 

In addition to creating a strong password, there are other steps you can take to keep your accounts more secure:

1. Go over all the accounts you have and delete the ones you no longer use. If a small, obscure website ends up breached, you might never even hear about it. You can use haveibeenpawned.com to check if your email has ever been in a breach.

2.  Update all your passwords and use unique, complicated ones to safeguard your accounts. You can generate effective and secure passwords online as well as check if they have ever been breached.

3. Use 2FA if you can. Whether it’s an app, biometric data, or hardware security key, your accounts will be much safer when you add that extra layer of protection.

4. Set up a password manager. It is the perfect tool for both generating and storing passwords.

5. Make sure to check your every account for suspicious activities regularly. If you notice something unusual, change your password immediately.

Guest Post: NordVPN Presents Research Showing That Canada Is The 13th Most Vulnerable Country To Cybercrime

Posted in Commentary with tags on June 19, 2020 by itnerd

Canadians are at high risk of becoming victims of cybercrime, according to the new Cyber Risk Index by NordVPN. Canada has a high-income economy, advanced technological infrastructure, urbanization, and digitalization. However, these same factors increase the prevalence of cybercrime.

NordVPN’s Cyber Risk Index covers 50 countries comprising 70% of the world population. Canada ranks as the 13th most vulnerable to cybercrime out of the analyzed countries.

What increases the cyber risk in Canada

Canada has landed in the high cyber risk bracket because of significant exposure to cyber threats. “Cybercriminals don’t look for victims, they look for opportunities — much like pickpockets in crowded places,” says Daniel Markuson, a digital privacy expert at NordVPN. “Spend enough time riding in a packed bus, and a pickpocket will ‘accidentally’ bump into you. Same story online. Your cyber risk increases with every extra hour online.”

NordVPN’s Cyber Risk Index shows that 9 out of 10 Canadians use the internet and 8 out of 10 shop online. All this presents more opportunities for cybercriminals to strike. “Canadians are very active on social media, and a whopping 16% of the population play online games — that’s the 8th highest score globally,” says Daniel Markuson. 

“Finally, Canada has the densest public Wi-Fi network in the world. Hyperactive online life and infamously unsecured public hotspots is a dangerous combination. You shouldn’t ever use public Wi-Fi without an extra layer of security,” says Daniel Markuson. 

The average monthly wage in Canada is almost $1500 higher than the average. “As your income increases, it’s only natural to enjoy the comfort of online shopping and other paid services. But that makes you a much more enticing target for cybercriminals,” says Daniel Markuson.

What decreases the cyber risk in Canada

Canada has a great score (8th globally) on the Global CyberSecurity Index, which is calculated based on legal, technical, organizational, and capacity building factors on a country level. 

However, cybersecurity infrastructure has a limited impact on cybercrime. “Cyber risk management on a national level is obviously important, but it hardly makes a dent on its own. Online security has to be tackled individually. Understanding what increases the cyber risk — that time spent online and income are very important factors — is a profound step towards a safer digital life,” says Daniel Markuson.

That’s another reason why Canada isn’t higher on the most vulnerable list. Most Canadians may be active internet users, but the time they spend online is limited. According to the Cyber Risk Index, Canadians spend 30 minutes less time online than the average of 50 analyzed countries. 

The method behind the Cyber Risk Index

NordVPN created the Index in partnership with Statista, the world’s leading business data provider. The Index was created in three stages. First, Statista collected socio-economic, digital, cyber, and crime data from 50 selected countries. Second, NordVPN analyzed the data’s positive and negative impact on cyber risk and calculated the correlation between the first three data sets (socio-economic, digital, cyber) and the fourth (crime). 

Finally, NordVPN trimmed the data down to the 14 most significant factors, used them to create the Index, and ranked the 50 countries according to the cyber risk they’re facing.