#CyberFLASH: Cybersecurity threat ‘keeps us up at night,’ says Hydro Ottawa CEO

hydro-commandAs the electricity grid becomes more and more connected to the internet, Hydro Ottawa says it’s investing heavily to protect the system from cyber attacks.

“It’s huge,” said Hydro Ottawa CEO Bryce Conrad of cybersecurity. “It keeps us up at night.”

Conrad described how someone sitting in a bedroom at a computer on the other side of the world can try to hack into a utility’s information systems and do damaging things — like take down a grid.

“There are lots of examples out there where this has come true.”

And Conrad says he doesn’t pretend it can’t happen in Ottawa.

“We’re a G7 capital, so we’re not just Hydro Ottawa, we’re the provider of electricity to a G7 capital. If you don’t have electricity in the morning, you’re not doing a whole lot,” he added.

Connecting customers while preventing attacks

Cybersecurity is detailed as a risk facing the utility in the five-year strategy document that Hydro Ottawa tabled earlier this week at an Ottawa city council meeting.

The strategy describes an industry in the midst of transformation in which electricity systems are converging with, and are increasingly dependent on, information technology.

Read more here

#CyberFLASH: China slams Canada for ‘irresponsible’ hacking accusations


BEIJING – China’s foreign ministry accused Canada on Thursday of making irresponsible accusations lacking any credible evidence after Canada singled out Chinese hackers for attacking a key computer network and lodged a protest with Beijing.

Officials said “a highly sophisticated Chinese state-sponsored actor” had recently broken into the National Research Council. The council, Canada’s leading research body, works with major companies such as aircraft and train maker Bombardier Inc..

Canada has reported hacking incidents before, but this was the first time it had singled out China.

Read more here

#CyberFLASH: Hundreds of Canadian credit cards hacked by infected terminals, firm warns


A new strain of computer malware infecting payment card terminals in restaurant and gas station has compromised nearly 700 credit cards in Canada, a computer security firm says.

The viral code, JackPOS, infects point-of-sales terminals, a security breach similar to other highly publicized recent cases that struck victims such as the Target retailing chain or the White Lodging hotel management firm

According to a map released Monday by the California security firm IntelCrawler LLC, JackPOS stole data from 400 cards in Vancouver and from 280 other cards at a location in Longueuil, Que., south of Montreal.

IntelCrawler said the infection appeared about three weeks ago.

In an e-mail to The Globe and Mail, IntelCrawler CEO Andrew Komarov said the point-of-sales terminals were breached through remote access, by hackers who created a large list of possible passwords (such as POS1, Administrator or 123456789) and then “brute-forced” themselves into the systems.

Read more here

Was Halifax’s e-vote hacked?


It’s been several weeks since I revealed evidence that the online voting in last fall’s municipal elections in Halifax was not secure. Now I’m starting to wonder, does anyone care? How many people care about defending our most basic pillar of democracy—our elections?

I obtained the damning documents through an Access to Information request to the Canadian Cyber Incident Response Centre (CCIRC) of Public Safety Canada—the federal government agency charged with helping ensure internet safety. Although the documents were heavily censored, they made clear that right up until the day before online voting began on October 6, 2012, an outside security researcher, the CCIRC, the election software vendor (Scytl) and the Halifax Regional Municipality Elections Office were grappling with a myriad of security vulnerabilities.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.