#CyberFLASH: Forum to focus on cybersecurity needs in US and Canada

GettyImages-556421117BOSTON – Cybersecurity experts are planning to hold a forum on ways the United States and Canada can toughen their online defences.

The discussion will focus on the growing number of lone wolf and foreign government-sponsored cyber-attacks that harm national security and commerce in both countries.

Thursday’s event is sponsored by The New England-Canada Business Council and will include a discussion of strategies needed to stem the tide of cyber-attacks — particularly those by crime syndicates, rogue nations, terrorist groups and individual hackers.

Organizers of the forum say the attacks disrupt the free exchange of information on the Internet and undermine business transactions.

One of the biggest cyber thefts on record was by an Eastern European crime organization that investigators say raked in $300 million from stolen credit card numbers.

Read more here

#CyberFLASH: Cyber security review still in early days, Public Security officials tell Senate

ralph-goodale.jpg.size.xxlarge.letterboxSpeaking before a Senate committee on national defence Monday, Monik Beauregard said that the department is under a tight timeline to review its efforts and get a report to cabinet.

But Beauregard said the department is still trying to figure out how wide or narrow the review will be.

“At this point, we’re all looking at the scope of the reviews and thinking about how to carry it out,” Beauregard told senators Monday evening.

In his mandate from the prime minister, Public Safety Minister Ralph Goodale was asked to lead the review into critical infrastructure protection, in co-ordination with five of his cabinet colleagues.

“Critical infrastructure” has a broad definition, but is typically thought of as systems, networks, facilities and assets essential to public safety, national security, and economic interests of Canada. That includes everything from bridges to roads, but also data centres, financial networks, and natural resources projects.

The new Liberal administration promised to revisit a number of controversial public safety measures introduced by the previous Conservative government, including plans to protect those pieces of critical infrastructure.

Read more here

#CyberFLASH: Canadian Cyber Security Powerhouses Bring Strategies for Stopping Advanced Threats to SC Congress Toronto


TORONTO – SC Congress Toronto 2014, Canada’s most prestigious and influential event for information security leaders, announces its fifth annual conference and expo at the Metro Toronto Convention Centre, June 17 and 18, 2014. The event brings together the brightest minds in the IT and information security field – from both the public and private sectors – to address the ever-evolving security threat landscape and the solutions and strategies necessary for defending Canada’s critical infrastructure and its enterprises.

SC Congress Toronto has become a staple for the Canadian information security industry. Attendees expect to gain essential information on the latest threats and issues facing the government and enterprise today. This year’s gathering will explore a number of key issues, including: the impact the NIST framework will have on businesses and critical infrastructure security; the future of PCI; and how threat actors will take advantage of the Internet of Things. Security practitioners will not want to miss this year’s event and the practical strategies outlined by some of the leading voices in enterprise network security.

Read more here

#CyberFLASH: Canada to battle cyber attacks


Canada needs to step up its fight against cyber attacks that increasingly threaten national security, Industry Minister James Moore said in Calgary Monday.

Ottawa plans to do just that as part of a wide-ranging, $900 million upgrade and expansion of Canada’s digital capacity, he said.

“It’s a serious threat to our networks, to our security,” Moore told the University of Calgary’s School of Public Policy.

He said 150,000 pieces of malware attack Canadian computer systems daily in actions that include espionage

In recent meetings with a diversity of world leaders, Moore said he’s heard a common refrain.

“With every single one of them, the subject comes up,” he said.

Some of those targeting Canada’s public and private networks are state actors, others non-governmental

Read more here

#CyberFLASH: CanSecWest Presenter Self-Censors Risky Critical Infrastructure Talk


A presenter at this week’s CanSecWest security conference has withdrawn his scheduled talk for fear the information could be used to attack critical infrastructure worldwide.

Eric Filiol, scientific director of the Operational Cryptology and Virology lab. CTO/CSO of the ESIEA in France, pulled his talk on Sunday, informing organizer Dragos Ruiu via email. Filiol, a 22-year military veteran with a background in intelligence and computer security, said he has been studying the reality of cyberwar for four months and came to the decision after discussions with his superiors in the French government.

Filiol said he submitted the presentation, entitled “Hacking 9/11: The next is likely to be even bigger with an ounce of cyber,” to CanSecWest three months ago before his research was complete. Since his lab is under supervision of the French government, he was required to review his findings with authorities.

“They told me that this presentation was unsuitable for being public,” Filiol said in an email. “It would be considered as an [incentive] to terrorism and would give precise ideas to terrorists on the know-how (the methodology) and the details regarding the USA (but also how to find weaknesses in other countries).”

Read more here

#CyberFLASH: Federal departments cite cyber-attacks among biggest risks


OTTAWA — Three years after hackers were found snooping around Treasury Board systems, a successful cyber-attack remains the biggest risk facing the department, according to a new report to Parliament.

And Treasury Board is not alone. IT security risks are mentioned in planning and priority reports for multiple departments as the federal government closes old data centres and modernizes an aging IT system that may not meet current security requirements.

Meanwhile, heavily censored incident reports give a glimpse of the environment departments are facing in the coming year. The reports, released under the access to information law to the Ottawa Citizen, show four instances between March 1 and July 31, 2013 in which hackers overwhelmed government servers with what’s called a “denial of service” attack.

In one case, an undisclosed government website was taken down. In another, a website was “intermittently inaccessible,” but no data were compromised. And in a July attack, public servants were cut off from their cloud computer.

Read more here

#CyberFLASH: Smartphones becoming prime target for criminal hackers


Cybersecurity analysts say nefarious forces are increasingly turning their attention to the most personal computer you own, the one you carry everywhere and trust with some of your most sensitive secrets – your smartphone.

 “Over the last two years or so, we have seen a huge influx” in the number of hackers targeting smartphones, says Roel Schouwenberg, principal security researcher for Kaspersky Labs, a well-known anti-virus firm. 

 Because these devices carry so much of our personal and financial information nowadays – to the point where many of us treat them like digital wallets – hackers are finding ways to gain unauthorized access to them.

 Most phones have little in the way of security and anti-malware protection. Given the right opportunity, malware creators can breach our email and contacts lists, monitor highly personal communications and capture vital data such as the password we type into our mobile banking app.

Read more here

#CyberFLASH: Alberta bitcoin bank Flexcoin shuts down after hackers stole all of its online coins


Flexcoin, a Canada-based bitcoin bank, said it was closing down after losing bitcoins worth about $600,000 to a hacker attack enabled by flaws in its software code.

Flexcoin said in a message on its website that all 896 bitcoins stored online were stolen on Sunday. Its collapse came after Mt. Gox, once the world’s dominant bitcoin exchange, filed for bankruptcy protection in Japan and said it may have lost some 850,000 bitcoins due to hacking.

“As Flexcoin does not have the resources, assets, or otherwise to come back from this loss, we are closing our doors immediately,” Flexcoin said.

It later posted an update on its site saying that the attack exploited a flaw in its code on transfers between users and involved inundating the system with simultaneous requests to move coins between accounts.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.