#CyberFLASH: Organised fraudsters pose biggest cybersecurity threat: survey

Digital fingerprint

The growing onslaught of cyber security attacks reflect a rapidly evolving criminality whose impact is near-unanimously expected to continue growing as mobile compromises, financial fraud and organised groups of fraudsters outweigh other risks such as those posed by supply-chain partners, a recent survey of IT decision makers has found.

Conducted by Ipsos MORI on behalf of BAE Systems Applied Intelligence, 84 per cent of the respondents to the the Rise of Digital Criminality report – who hailed from the UK, US, Australia and Canada – said that the number of cyber attacks was likely to increase, even as 30 per cent said they did not have crisis response plans in case their organisation was hit by a cyber attack.

Australian companies were less concerned about the number of attacks increasing significantly – only 37 per cent agreed, compared with 50 per cent in the UK, 38 per cent in the US and 30 per cent in Canada – but were the “least confident” in terms of their ability to prevent targeted attacks and their organisations’ understanding of the risks from new threat vectors, the report found.

“This is mirrored by a lesser awareness of protective initiatives than in other regions,” its authors advised. “Over 50 per cent of respondents were unaware of these initiatives before our research.”

Read more here

#CyberFLASH: Canadians confident, concerned about cyber attacks: Study


More needs to be done to raise Canadian exec awareness, says vendor

Leaders of Canadian organizations are more confident than American, British and Australian they can beat back targeted Internet attacks, according to a new survey.

The study, paid for by BAE Systems, which sells security and data solutions for governments, carriers and the transportation industry, showed that Canadians were the most confident when asked if their company and their sector were well equipped to prevent targeted cyber attacks.

The vast majority – 92 per cent — were confident in their organization’s ability to prevent targeted attacks compared to 88 per cent of respondents overall. A similar majority (90%) were confident in their sector’s ability to prevent attacks versus 78% overall.    

Respondents were 350 strategic and IT decision makers in the UK, US, Australia and Canada surveyed last fall.

Interestingly, though,  30 per cent of Canadian organizations surveyed did not have, or were unaware of, crisis plans in the event of a cyber attack on their company. Of those respondents who did have crisis plans, Canadians were the least likely to say these plans were well publicized ( 37 per cent compared to 54 per cent) overall.

Read more here

#CyberFLASH: Canada – Banks, insurers must watch out for cyber attacks, OSFI warns

Canada’s financial regulator is warning banks and insurance companies they need to beef up protection against advanced cyber intrusions from a growing list of actors.

“The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile for many organizations around the world,” the Office of the Superintendent of Financial Institutions said in a note earlier this week. “As a result, significant attention has recently been paid to the overall level of preparedness against such attacks by these organizations, including financial institutions…”

OSFI said it expects financial institutions to monitor their level of preparedness, and to this end it provided guidance on how companies should conduct a “self-assessment.”

Salim Hasham, an associate partner at PwC Consulting, said banks “have been at the forefront of [cyber] security for a long time” because they realize “they are really just very complex information organizations.”

“If you look at a bank today, it’s really just an IT company that takes deposits,” he said.

Read more National Post

Canada a haven for digital criminals: study

Cyberfile Hacktivists 20130213OTTAWA — A patchwork of Internet and digital security laws across the country has contributed to Canada’s new No. 3 ranking worldwide as the country of choice for cyber-criminals to set up sites with advanced malware, according to a new study.

But it isn’t just foreign criminals who are setting up shop on Canadian servers to take advantage of Canada’s good reputation in cyberspace: Foreign governments are doing the same to launch corporate espionage attacks on domestic and international companies, according to the 2013 cybercrime report card from Websense Security Labs.

According to the report card, Canada ranks third in the world for hosting malware, ahead of countries such as Germany, Russia and even China, which has faced allegations and accusations that it enables cyber-attacks and sponsors corporate espionage.

Read more here

Tracking terrorism trends: a new model for political risk?


Like other volatile risks, such as hurricanes and earthquakes, potential terrorist threats are being modelled and quantified by a small number of specialist catastrophe modelling firms, brokers and insurers.

Earlier this year, Towers Watson became the latest firm to develop a terrorism and political risk model.

The new model, called Sunstone, covers some 44 different attacks and 42 types of target around the world, including 702,000 individual locations in the US alone. These include high explosive attacks, chemical, biological, radiological and nuclear (CBRN), and more unusual threats such as cyber or an electromagnetic pulse. It also covers kinetic attacks such as the failed plot by Islamic terrorists earlier this year to derail a train in Canada.

“We wanted to be forward-looking,” says Holt. “There is little discussion about cyber terrorism or the potential for attacks on GPS systems, but we need to look beyond the type of incidents already prevalent now.”

Read more here

69% of surveyed Canadian businesses experienced cyber attack in a 12-month period: report


“Across business communities, there is a general lack of strategy, procedures and trained personnel to combat cyber crime,” notes the survey report, Study of the Impact of Cyber Crime on Businesses in Canada: Fighting Cybercrime Together.

The report suggests two factors could be responsible for the lack of preparedness: the damages (financial or reputational) caused by cyber attacks have not been significant to merit shifts in attitudes and behaviour; and/or organizations do not have enough awareness and knowledge of what strategies they should be implementing to minimize their vulnerability against such attacks.

Read more here

Business unprepared to combat ‘skyrocketing’ cyber crime, study warns

How Hacker Sleuths Found Zhang Changhe in Trail From Myrtle Beach to China

Canada has become a premier target for cyber crime in recent years, while most small business and online users who are attacked are both unaware they are being hacked and unprepared to defend themselves, a leading cyber security group found.

Nearly 70 per cent of finance, airline, telecom, utilities and aerospace and defense industries experienced some sort of cyber crime within a span of one year, a survey of 520 Canadian businesses conducted by the International Cyber Security Protection Alliance found.

Read more here

#OpPetrol Attack On Local Oil And Gas Companies

Members of the hacktivist collective Anonymous have announced plans to launch a cyberattack targeting the international oil and gas industry this week. The group has said that the attacks, dubbed Operation Petrol, are slated for June 20 and will involve the United States, Canada, England, Israel, Russia, China and Saudi Arabia.

In a video announcing plans for the attack, Anonymous said that their motivation is political.
Read more here
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.