#CyberFLASH: Canadian soccer players among latest Olympians to have medical data hacked

oly-soc-womensFour members of the Canadian women’s soccer team – Christine Sinclair, Sophie Schmidt, Rhian Wilkinson and Melissa Tancredi – were among athletes targeted on Monday in the latest leak of confidential medical documents.

The world anti-doping agency (WADA) says the information was hacked by a Russian cyber espionage group.

Olympic champions Mo Farah, Rafael Nadal, Justin Rose were also among those targeted.

Therapeutic Use Exemptions, or TUEs, allow athletes to take banned substances for verified medical needs and there is no suggestion any of those named have broken any rules.

None of the Canadian players named had any such exemptions at the time of the Rio or London Games, and the leaked documents show the exemptions they had for the use of Salbutamol had expired in January of 2009.

Salbutamol is a medication used to open the large and medium airways in the lungs.

Olympic champions targeted

Britain’s Farah became only the second man to retain the 5,000 and 10,000 metres Olympic titles at the Rio de Janeiro Games last month while compatriot Rose won the first gold medal in golf for 112 years.

Spaniard Nadal, a 14-times tennis grand slam winner, won Olympic men’s doubles gold with Marc Lopez. He also won the men’s singles title at the 2008 Beijing Games but missed London 2012 due to a knee injury.

Read more here

#CyberFLASH: Canada’s police chiefs: “We need laws that force cybercriminals to reveal their passwords”

image-3The news that Canada’s police chiefs are advocating for federal laws that would compel individuals to provide electronic passwords with a judge’s consent isn’t sitting well with some members of Canada’s IT community.

Earlier this week at its annual conference in Ottawa, the Canadian Association of Chiefs of Police (CACP) passed a resolution that formally requests legal measures to lawfully unlock digital evidence, citing the rise of cybercriminals who are using encryption tools to hide illicit activities as the impetus.

During a news conference on Tuesday, RCMP Assistant Commissioner Joe Oliver noted that at present under Canadian law, police cannot compel individuals to comply with a request to provide a password during an investigation. Law enforcement needs to keep pace with modern criminals who are effectively “going dark” by operating in cyberspace with tools that mask their identities, said Oliver.

“The victims in the digital space are real,” said Oliver, adding that Canada’s law and policing capabilities aren’t keeping pace with the evolution of technology.

But according to Jacob Ginsberg, senior director for Toronto-based email encryption software firm Echoworx, such as move would be an “unconscionable” one.

“While we don’t blame CACP for wanting tools to make their jobs easier, a law of this kind would criminalize privacy, and it would be unconscionable for a democratic society to draft a law whereby denying a request from police to go through your things, digital or otherwise, would be illegal,” he said in an email.

Read more here

#CyberFLASH: Canada’s spies expecting a budget boost

 

computer-laptop-keyboard-852OTTAWA—Canada’s spies are expecting a budget boost when the Liberals table their first fiscal plan next month, documents released Tuesday show.

The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) have estimated an additional $95 million for intelligence and cyber defence operations next year.

The figures were released in the government’s main estimates document, a best-guess scenario for departments and agencies released a month before the Liberals table their first budget.

CSIS expects an additional $35.5 million “in support of Canada’s national security and the safety of Canadians.” A breakdown of CSIS budget — grouped vaguely into “intelligence” and “security screening” — shows most of the increase will go to intelligence operations.

CSE, the electronic spying and cyber defence agency, is expecting a net increase of $59.5 million “in support” of its mandate. Specifically, CSE expects to spend the money to increase its “capacity to address cyber threats and advancements in technology.”

Together, the two spy agencies estimate they’ll spend $1.2 billion in 2016-17, a slight increase compared to the 2015-16 estimates of $1.075 billion.

CSE spokesperson Lauri Sullivan said in a statementthat the funding will go to addressing several “key vulnerabilities” in government networks, as well as moving forward with the national Cyber Security Strategy.

“CSE’s mandate, including our unique skills in areas like cyber defence, are critical in advancing Canada’s national security priorities,” Sullivan wrote.

Read more here

#CyberFLASH: University of Toronto researchers show how Canadian data can be vulnerable to US state surveillance

Canada cyber security newsWhile Edward Snowden leaked documents exposing the wide breadth of National Security Agency surveillance in 2013, the repercussions of those documents still inform conversations around online privacy concerns. And University of Toronto researchers have created an interactive database to show how NSA surveillance can even have an impact on Canadians.

The IXMaps database helps Canadians understand how their internet traffic moves—specifically, it helps Canadians understand how certain traffic routes, known as boomerang routes, move data into the United States and into the jurisdiction of the NSA before the data returns to Canada. The tool is funded by the .CA Community Investment program, which is dedicated to funding initiatives “keep Canadians at the forefront of the digital age,” according to its website.

“IXmaps highlights just how much of our Canadian web traffic is unnecessarily being routed through the U.S. and back againwithout our knowledge. The biggest concern about our data moving into the NSA’s jurisdiction is that Canadians do not have the same protections from NSA surveillance that Americans do, so our information is more vulnerable.” says Laura Tribe, digital rights specialist at Open Media. “ And as the Snowden revelations have highlighted, the amount of information being shared between the Five Eyes governments (Canada, U.S., U.K, Australia and New Zealand), means that our information doesn’t likely stop with just the NSA.”

Many of the major Internet providers in Canada have networks that favour north – south connections, pushing Canadian data flows toward key American routing hubs in New York, Chicago, Seattle, or California, and popular sites like Google, Facebook, YouTube, and Amazon leaves Canadian data vulnerable to American mass surveillance.

Read more here

#CyberFLASH: IXmaps illustrates how your “local” data travels through the NSA’s jurisdiction

IXmapsA new online database called IXmaps has gone live, put together by University of Toronto researchers and funded by the .CA Community Investment Program, to help Canadians understand how their data traffic moves, particularly how it moves through nodes in the United States and therefore under the jurisdiction of the U.S. National Security Agency.

The project is also designed to offer Canadians a sense of agency, in that you personally can contribute to the project, adding to the 40,000 internet routes already crowdsourced in the IXmaps database.

The most concerning point made by the project, for those that didn’t know already, is the fact that even if you’re sending an email from Point A (Halifax, let’s say) to Point B (any other Canadian destination), the data will almost definitely pass through an American data traffic hub and swept into the NSA info dragnet.

“There is nothing inherently wrong with data moving unencumbered across an interconnected global Internet infrastructure,” says the University of Toronto’s Andrew Clement. “It is, however, critical that Canadians understand the implications of their data being stored on U.S servers and moving through U.S. jurisdiction. ISPs need to be transparent, privacy protective and accountable custodians of user information in this regard. Internet users should be fully informed consumers and citizens when making choices about their sensitive personal data.”

And even if you’re not sending an email, but merely using a service like Facebook, Google, YouTube or Amazon, these are American companies operating in American jurisdictions, so again, subject to data snooping and the hysterical overreach of the Patriot Act.

Read more here

#CyberFLASH: There Has Been a ‘Sea Change’ in Privacy Rights in Canada, Warns Watchdog

Surveillance_610px

The man tasked with defending Canadians’ personal information, once decried as a government stooge, directly chastised the federal government over its efforts to track and surveil Canadians — and recommended that the new government put safeguards on how the government uses “big data” to spy on its citizens.

In his annual report, Daniel Therrien, the Privacy Commissioner of Canada, looked at three pieces of legislation that “taken together, these initiatives have resulted in what can only be described as a sea change for privacy rights in Canada.”

The first, C-44, allows Canadian spies to operate abroad and gives them more ability to obtain information without disclosing its origins; C-13, which creates new legal authority for cops and public servants to obtain Canadians’ personal data without a warrant; and C-51, the anti-terrorism legislation that opens the door for wide new intelligence-gathering and sharing.

All three bills, which are now law, were introduced by the Conservatives, but supported by the Liberals.

The Liberals have said they will change aspects of C-51, but have said little about the other two pieces of legislation.

In his report, released last week, Therrien recommended fixes for each bill — that the government include language to prevent CSIS from obtaining and using data that has been obtained through torture; that the law be updated to clarify when police are allowed to obtain Canadians’ data from their internet or cellphone companies without a warrant; and that legislation be introduced to toughen protections for Canadians’ privacy when departments want to share their information.

C-51 especially raised the ire of the commissioner.

Read more here

#CyberFLASH: IoT holds great promise for cities, but don’t spy on people

IMG_0397-e1449500476571-620x250Today’s urban centres face myriad problems; strained and dated infrastructure (roads, sewers, and transportation, electrical and communication systems) are further taxed by the escalating demands placed upon them by ever-increasing populations. While cities are looking to deliver more services and new, better infrastructure, they are constrained by limited funding and dealing with citizens who “want what they want, and they want it now.”

That’s according to Kathryn Willson, program director of Microsoft CityNext. Speaking at Technicity, an event co-hosted by IT World Canada and the City of Toronto last week, Willson provided concrete examples of how the Internet of Things has been put to use in cities around the globe – reducing dependencies on resources, creating efficiencies, and saving costs. IoT is providing viable, sustainable solutions that will help municipalities meet the needs of its citizens – and save the environment, she told the audience.

Take for example the city of Helsinki, Finland, which reduced the fuel consumption of its bus network. While GPS devices were already in use and the city had a good handle on where buses were, city officials sought to answer the question of ‘how’ buses were moving, looking specifically for areas of high-fuel consumption. Additional sensors were added to the accelerators, brakes and inside the engine compartment to measure temperature. Two actionable items were identified from the data, the first being a driver-training program. The second item related to construction of roads. The outcome: Helsinki reduced fuel consumption of its bus fleet by five per cent – saving millions of Euros as a result, she said.

Then there’s Paris, which has an electric-car-sharing program with 4,300 charging stations and 2,300 vehicles. People in the community subscribe to this service. The city’s goal is to have 25,000 gasoline cars off the road by 2023, reducing carbon emissions by 75,0000 metric tons. In addition, with improved customer satisfaction and fewer cars on the road, this new optional mode of transportation is benefitting citizens as owning a car in Paris costs about 5,000 Euros a year, while this program costs about 900 Euros.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.