#CyberFLASH: Trudeau must defend cyberspace: PM’s advisers

CPT101318547_ContentOTTAWA — Defending and advancing a free, open and secure cyberspace is essential to Canada’s prosperity as well as its commitment to human rights and democracy, advisers have told Prime Minister Justin Trudeau.

The next several years will bring steady progress in the development of international frameworks for the digital realm, including Internet norms, agreements and governance arrangements, says a briefing note presented to Trudeau when he took office in November.

Repressive regimes want to harness communication networks to silence criticism, control information and limit access — threatening to undermine the open and connected nature of the Internet, warns the note obtained by The Canadian Press under the Access to Information Act.

“There is a window in which Canada, drawing on its diplomatic strengths, could help preserve the openness, resiliency and security of cyberspace on which Canadians and people across the globe have come to rely.”

The note stresses the role of the Internet — with three billion users, and another billion expected by 2017 — in driving economic growth and creating opportunities for social and democratic progress.

Canada is working closely with its Five Eyes partners — Britain, the United States, Australia and New Zealand — as well as Sweden, France, Germany, the Netherlands, the European Union and Mexico to sway emerging powers and other developing countries that have yet to take a firm stance on cyberspace issues, the note says.

Read more here

#CyberFLASH: Canadian teen sentenced after “swatting,” “doxxing” across North America

hi-computer-user-silhouette-852-8colThrough his computer in a suburb of Vancouver, the Canadian teenager carried out a yearlong campaign of harassment and mayhem across North America.

He targeted mostly female gamers who had spurned his friend requests, chats and obscene demands. His weapons: Making bogus emergency calls that brought police SWAT teams to their homes. Hacking into their computers and accounts. Posting their personal information online.

His crimes disrupted lives from Toronto to Tucson, caused a school lockdown in Florida and briefly shut down part of Disneyland. In January 2014, his false call about a hostage-taking brought police to a home on West 136th Street in Burnsville. The family who lived there later found identity thieves had opened fraudulent accounts in their name, after the hacker circulated their financial data online.

On July 9, the 17-year-old who caused all this trouble, identified only as “BLA” in court records because of privacy laws, received a 16-month prison sentence from a judge in Port Coquitlam, British Columbia. He had pleaded guilty to 23 charges but came across to psychologists as “callous and remorseless,” according to the judge’s order.

The digital age has opened a Pandora’s box of harassment techniques with their own nomenclature: “doxxing,” for example, is posting someone’s sensitive documents or private information online. Made easier by Internet phone services, “swatting” means tricking the police to bring a massive response to an unsuspecting resident.

The Canadian teen’s crimes fit a pattern, said Danielle Citron, a law professor at the University of Maryland and author of the 2014 book, “Hate Crimes in Cyberspace.” The victims are primarily young women, who are stalked online with threats of rape and sexual humiliation, with the intention of silencing them by forcing them offline, Citron said.

Read more here

#CyberFLASH: When it comes to cyberspace, should national security trump user security?

Apple Hosts Event At Company's Town HallRon Deibert is the director of the Citizen Lab at the University of Toronto’s Munk School of Global Affairs.

Imagine if the government had knowledge of a critical vulnerability in a heart pacemaker, but decided to keep the information secret in order to exploit it as a weapon. Would that be okay? What about flaws in the electronic controls of a 747 that could be manipulated remotely to cause the plane to crash? Or a nuclear enrichment facility? Should they publicly disclose these vulnerabilities in the interests of user safety? Or should they keep them classified in case they provide comparative advantage in matters of national intelligence or warfare?

Whatever each of us may think about these questions, it appears the world’s most powerful spy agencies have already resolved on an answer: for them, national security trumps user security.

Today, the University of Toronto’s Citizen Lab is publishing a report documenting major security and privacy vulnerabilities in one of the world’s most widely used mobile applications: UC Browser. Chances are if you are a North American reading this, you have never heard of UC Browser. But if you live in China or India, it’s probably as familiar as Microsoft Explorer. In fact, UC Browser is used by over 500 million people, and is the fourth most popular mobile browser in the world.

Popularity aside, UC Browser has fundamental problems (problems the company is working to repair after our notification): it leaks a huge torrent of highly detailed personally identifiable data about its users. Those leaks include the unique identification number hard-baked into the device (IMEI), personal registration data on the user’s SIM card (IMSI), any queries sent over the browser’s search engine, a list of the names of any WiFi networks to which the device has recently connected, and the geolocation of the device. Some of this data is sent entirely “in the clear” without encryption; others are sent using weak encryption that could be easily decrypted. Some of it is sent the moment the application is turned on, in an “idle state.” None of it is sent with the explicit permission of its users.

Read more here

#CyberFLASH: China probes two Canadians for alleged theft of state secrets

Security-graphic-Shutterstock-250

A Canadian couple living on the border with North Korea is being investigated by Chinese authorities for stealing military and defence secrets.

For years, Kevin and Julie Garratt ran Peter’s Coffee House, named after the couple’s youngest son, in Dandong, a Chinese city across the Yalu River from North Korea. The cafe was opened in 2008, after Mr. and Ms. Garratt moved to northeastern Dandong after previously working as teachers in southern China.

But on Monday, the Vancouver couple – who have been living in China since 1984 – stood accused by Chinese authorities of espionage and stealing state secrets. Their immediate whereabouts were unknown and calls to their coffee shop went unanswered.

Read more here

#CyberFLASH: Feds lagging on cybercrime, hurting economy, Canadians, RCMP boss tells minister

Calgary Stampede 20130705

OTTAWA ― The RCMP commissioner has quietly warned Public Safety Minister Steven Blaney the government must do more to fight cybercrime — an expanding threat the top Mountie says is undermining the economy and putting Canadians at risk.

In a letter to the minister, commissioner Bob Paulson notes one pillar of the government’s cybersecurity plan focuses on both providing the public with information to protect themselves online and strengthening the ability of law-enforcement agencies to fight cybercrime.

“It is my view that the government needs to focus more on this pillar of the strategy,” Paulson says. “This growing threat significantly impacts the economic prosperity of our country, as well as individual Canadians.”

The letter, obtained by The Canadian Press under the Access to Information Act, was prepared for Blaney as part of an extensive briefing package sent to the new minister, who was appointed in July.

Accompanying briefing notes say, while efforts to secure the online world have progressed under the federal strategy announced in 2010, “a gap remains” concerning law enforcement’s ability to effectively tackle cybercrime.

The offences — which take on “a new scope and gravity” in cyberspace — include child exploitation, cyberbullying, Internet-based mass marketing fraud, identity theft, intellectual property infringement, money laundering and illegal goods trafficking.

Read more here

Navy spy’s actions only a bump on the road to better intelligence-gathering

OTTAWA – Royal Canadian Navy Sub-Lt. Jeffery Delisle supplied top secret intelligence to Russia from 2007 until his arrest in January 2012. Some say Delisle’s actions seriously damaged Canada’s participation in the “Five Eyes” intelligence community – Canada, Australia, New Zealand, the United Kingdom and the United States – the most exclusive intelligence-sharing club in the world.

Read more here

Feds need to add regulations to force Canadians to think about cyber-security, experts say

OTTAWA — One day after a top Tory senator suggested the government and Canadians didn’t want more regulations on how we use cyberspace, a former British spy chief said that thinking needed to be deleted.

Governments need to possibly create more red tape to force companies and individuals to think about cyber-security because too few are doing enough to protect themselves and others from cyber-threats, Sir David Pepper told a security conference Wednesday in Ottawa.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.