#CyberFLASH: Hacked Canadian Forces website taken down after redirecting to Chinese state portal

screen-e1479413222153

Canadians trying to learn about career opportunities with the military instead found themselves staring at the landing page of the Chinese central government’s official web portal after the website forces.ca was apparently hacked Thursday to redirect users to the gov.cn domain.

The recruiting website, registered by the Department of National Defence (DND) in February 2001, redirected users to the Chinese government’s homepage until the error was spotted by DND officials, who took the site offline.

Canadians trying to learn about career opportunities with the military instead found themselves staring at the landing page of the Chinese central government’s official web portal after the website forces.ca was apparently hacked Thursday to redirect users to the gov.cn domain.

The recruiting website, registered by the Department of National Defence (DND) in February 2001, redirected users to the Chinese government’s homepage until the error was spotted by DND officials, who took the site offline.

Public Safety Minister Ralph Goodale said the incident was being investigated, but stopped short of labeling it a security breach.

“When something of this nature happens we treat it with real gravity, and we’ll investigate it,” he said according to the Canadian Press. “That process is underway right now, and as soon as we know the facts, we’ll be commenting further on that.”

Read more here

#CyberFLASH: $50M class action filed lawsuit against Casino Rama after cyberattack

A sign in front of Casino Rama  in Orilia Ont., on January 14, 2015. THE CANADIAN PRESS IMAGES/J.P. Moczulski

One day after Casino Rama announced it was the victim of a cyberattack, a $50 million “national privacy breach” class action lawsuit is in the works.

The suit is being led by Charney Lawyers PC and Sutts-Strosberg LPP. Both firms are well known litigators.

The lawyers have been involved in previous class actions concerning Bell Canada, Ashley Madison and Peoples Trust Company.

“This is a massive privacy breach. We still do not know the whole story but it looks like Casino Rama rolled the dice with employee, customer and vendor data rather than invest in state-of-the-art security measures,” Ted Charney of Charney Lawyers PC said.

David Robins of Suts-Strosberg LPP said that in this digital age Casino Rama’s employees, patrons and suppliers reasonably expected that their sensitive and confidential information would be protected.

Casino Rama became aware of the situation on Nov. 4.

Personal and banking information, along with social insurance numbers and dates of birth, were stolen.

The casino told people affected to keep an eye on their bank accounts, credit cards and other financial information.

On Friday evening, Casino Rama released the following statement:

“There is now evidence that stolen customer and employee personal information has been published on the Internet.

Read more here

#CyberFLASH: Canada’s energy sector braces for rising threat from activists

web-rb-cd-pipeline-security

Canadian security experts are increasing their vigilance against activists’ threats to the country’s energy infrastructure, as civil-liberties advocates worry about the use of improper surveillance on peaceful opponents to major projects.

In what is billed as a training workshop, Carleton University’s Infrastructure Resilience Research Group is playing host to a closed-door conference on Monday and Tuesday for lawyers, police, regulators and industry representatives on “the challenges of dealing with natural resource development projects and activism.”

One of the organizers, professor emeritus Martin Rudner, said there are significant threats from “domestic extremists” to Canada’s energy infrastructure, including pipelines, generating stations and transmission lines. Prof. Rudner is active on several industry-government-academic networks that consult on protection of critical infrastructure, including the energy and utilities-sector network managed by Natural Resources Canada.

“A lot of these concerns are overblown,” Ottawa lawyer Paul Champ said. He is a board member of the British Columbia Civil Liberties Association that has alleged RCMP and the Canadian Security Intelligence Service (CSIS) engaged in illegal surveillance of Canadians protesting against Enbridge Inc.’s proposed Northern Gateway pipeline.

The lawyer acknowledged there can be serious threats to existing critical infrastructure – both physical and cyber, from both domestic sources and foreign ones – and that they must be monitored and dealt with. But he said police and security agencies should not be involved in gathering intelligence against opponents of specific resource projects.

Read more here

#CyberFLASH: Customer information stolen in cyberattack, Casino Rama says

casino-rama

An Ontario casino says customer information has been stolen after an alleged cyberattack.

The Casino Rama Resort in Rama, Ont., says its customers, vendors and current and former staff should keep an eye on their bank accounts, credit cards and other financial information.

The resort says it became aware of the situation on Nov. 4.

It says customers’ credit inquiries and collection and debt information were stolen, along with employees’ information, including payroll data, social insurance numbers and dates of birth.

It says vendor information was also stolen.

The Ontario Lottery and Gaming Commission says the attack was site-specific, so customers who visited other casinos don’t need to worry.

Read more here

#CyberFLASH: Researchers hack Philips Hue lights via a drone; IoT worm could cause city blackout

philips-hue-100692511-large

Every once in a while, you read about an attack which has the potential for especially concerning consequences. Since reading about an IoT worm that could unleash all sorts of chaos, it’s come to mind again and again. Then it hit the radar of cryptographer and security pro Bruce Schneier. He wrote, “This is exactly the sort of Internet-of-Things attack that has me worried.”

Researchers from the Weizmann Institute of Science in Israel and Dalhousie University in Canada didn’t just theorize about the possibility of an IoT worm; using a few hundred dollars of readily available equipment, they created a proof of concept attack to exploit Philips Hue smart light bulbs.

Researchers have been taking aim at both ZigBee and Z-Wave wireless protocols for years. Hue light bulbs communication via the ZigBee protocol. Any new firmware is delivered via Over The Air (OTA) updates. In the researchers’ attack, the worm replaces the firmware.

In the paper, “IoT Goes Nuclear: Creating a ZigBee Chain Reaction” (pdf), researchers “describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction.”

Read more here

#CyberFLASH: Over Half Of Canadian Execs Say Security Is A Top Concern, But Aren’t Acting On It

cybersecurity2-915x700

A report from Microsoft Canada reveals that Canadian businesses aren’t doing enough to protect their data.

The survey revealed that while three-quarters of Canadians businesses (based upon a sample size of 700) say that implementing a digital strategy is among 2017’s top objectives, over half of them are concerned about security while migrating to the cloud.

However, Canadian executives are still navigating the security concerns that come with managing large amounts of data. Over half of Canadian executives said in a survey that security is their top concern when making the transition to the cloud.

“It’s great to see that the cloud continues to gain momentum and that Canadian businesses recognize its value,” said Janet Kennedy, president of Microsoft Canada, in a statement.

The survey also suggested that only 21 percent of Canadian executives feel fully prepared in case of a data hack or leak. Furthermore, local data residency is important to Canadian executives, as is addressing the growing concern that is cyber criminals and cybersecurity.

“The survey confirmed that business leaders need to feel confident that their data is secure and is being stored here in Canada. This is especially important for businesses with stringent compliance standards, such as government and healthcare organizations,” added Kennedy.

Read more here

#CyberFLASH: Microsoft shifts Canadian cloud focus from data sovereignty to data security

numoto-1-620x250

For the past few years, Microsoft Corp. has sold Canadian enterprise customers on its ability to keep their cloud-based data in Canada.

Now it’s trying to sell them on its ability to keep their cloud data safe.

With Microsoft operating two new data centres on Canadian soil, data security is supplanting data sovereignty as the focal point of its ongoing push into the cloud market here.

At the Microsoft Canada Tech Summit event in Toronto on Thursday, the company repeatedly emphasized its focus on security during a series of presentations highlighting cloud offerings such as Azure, Outlook and Office 365.

“Security is not a bolt-on. We don’t necessarily sell security as a separate product. It’s built into Windows, it’s built into Office 365, it’s built into Azure and all our products,” Takeshi Numoto, Microsoft’s global corporate vice-president of cloud and enterprise, told reporters at a media round table after the event.

Microsoft opened its first Canadian data centres in Toronto and Quebec City earlier this year. The move was welcomed by Canadian enterprises in sectors like finance, government, and healthcare, which must keep customer data within Canada to comply with security and privacy regulations.

Read more here

#CyberFLASH: Data-driven defence will best protect enterprises, says expert

hacker-stolen-passwords

Tunnel vision is a phrase that describes looking too narrowly at a problem. To use a cliché, you don’t see the forest for the trees.

Infosec pros suffer from it as well, Roger Grimes, principal security architect in Microsoft’s information security and risk management practice, said at this month’s SecTor cyber security conference in Toronto.

Often all they see is a myriad of threats in front of them every day instead of concentrating on the ones that are most likely to pierce defences.

In short, he argues that what CISOs need to do is create a data-driven defence.

After the conference we caught up with Grimes and asked him to expand.

“I get hired to do penetration testing and in the last 20 years I’ve broken in in an hour or less, except for one company that took me three hours.” he said – and he considers himself an average attacker .”In attacking I’m not that great, but I can break into anything. The reason why is they just don’t do the simple things they should do – the stuff they’ve been told to do for 30 years: Patch, and don’t get tricked into running things they shouldn’t.”

“Most companies for one reason or another really aren’t trying to defend against the right things. The vast majority of corporations could significantly decrease the chance of attacks against their companies by better patching just a few programs and (with the savings) giving their employees better anti social engineering training. Yet companies spend millions of dollars on things that are absolutely not going to work because they don’t fix the two biggest elephants in the room:” Awareness training and patching most commonly exploited programs.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.