#CyberFLASH: Carleton University says it didn’t pay hacker’s ransom after cyberattack

hi-istock-computers-852

Carleton University confirms its IT network was attacked by ransomware — a type of computer virus that uses encryption to effectively hold files hostage in exchange for payment — but said it didn’t pay any ransom.

Systems are coming back online little by little after the problem appeared Tuesday morning, Roseann O’Reilly Runte told CBC News on Wednesday.

Classes are happening as regularly scheduled and Wi-Fi is available on campus, she said.

No ransom was paid, according to university spokesperson Don Cumming.

The university is expected to make a statement at 4 p.m. ET.

A graduate student at the university emailed CBC Tuesday to say the attackers asked for payment in bitcoin, a digital currency that is difficult to trace. According to a message he saw on a school computer, the attackers are asking for either two bitcoin per machine, or 39 bitcoin total to release the encrypted files — the latter equalling nearly $38,941 at today’s rate on the popular Bitcoin exchange Coinbase.

Students, employees warned Tuesday

On Tuesday morning, students and employees were warned that any Windows-based system accessible from the main network may have been compromised after an external group apparently attempted to hack the school’s IT network.

“To reduce traffic on the network, it is recommended that users refrain from using Microsoft Windows systems at the current time and shut down your computer,” the school warned in a message posted on its website and Facebook page.

On Wednesday, the university’s IT department said work is continuing to restore email services.

Read more here

#CyberFLASH: Carleton U warns students of hacker attack on IT network

gv_20140408_biv0108_140409938.jpg__0x400_q95_autocrop_crop-smart_subsampling-2_upscale

Carleton University is warning students and employees after an external group apparently attempted to hack the school’s IT network.

The school warned that any system accessible from the main network that is Windows-based may have been compromised.

The school’s IT security unit is attempting to secure the network from further attacks.

“To reduce traffic on the network, it is recommended that users refrain from using Microsoft Windows systems at the current time and shut down your computer,” the school warned in a message posted on its website and its Facebook page.

Ransomware messages demand bitcoin payments

The school said people may see ransomware messages appear on their screens, demanding payments in bitcoins.

“Users are asked to ignore all messages seeking a payment and are encouraged to report these messages to the CCS Help Desk at ext. 3700 or ccs.service.desk@carleton.ca,” the school said in a statement.

David Kenyi, a volunteer at the International Students Service Office, said he got a push notification on his phone of the system shutdown.

Read more here

#CyberFLASH: $50M class action filed lawsuit against Casino Rama after cyberattack

A sign in front of Casino Rama  in Orilia Ont., on January 14, 2015. THE CANADIAN PRESS IMAGES/J.P. Moczulski

One day after Casino Rama announced it was the victim of a cyberattack, a $50 million “national privacy breach” class action lawsuit is in the works.

The suit is being led by Charney Lawyers PC and Sutts-Strosberg LPP. Both firms are well known litigators.

The lawyers have been involved in previous class actions concerning Bell Canada, Ashley Madison and Peoples Trust Company.

“This is a massive privacy breach. We still do not know the whole story but it looks like Casino Rama rolled the dice with employee, customer and vendor data rather than invest in state-of-the-art security measures,” Ted Charney of Charney Lawyers PC said.

David Robins of Suts-Strosberg LPP said that in this digital age Casino Rama’s employees, patrons and suppliers reasonably expected that their sensitive and confidential information would be protected.

Casino Rama became aware of the situation on Nov. 4.

Personal and banking information, along with social insurance numbers and dates of birth, were stolen.

The casino told people affected to keep an eye on their bank accounts, credit cards and other financial information.

On Friday evening, Casino Rama released the following statement:

“There is now evidence that stolen customer and employee personal information has been published on the Internet.

Read more here

#CyberFLASH: National Cyber Security Awareness Month: 10 Tips For Businesses

148650499-e1416334498678

In a world that is more connected and accessible than ever, the declaration of October as national Cyber Security Awareness Month by governments and business leaders in several countries including Canada, the United States and Australia, is a strong statement that cybersecurity is an international safety concern.

The campaign aims to bring awareness to the wide scope of concerns that the term cybersecurity covers, including internet security, privacy, mobile safety, distributed denial-of-service (DDoS) attacks, botnets, hacking, data breaches, malware, pharming and phishing to name a few.

Now is a good time for businesses to review their cybersecurity practices. It is tempting to think that “it can’t happen to me”, but in the wake of Yahoo’s recent admission that personal data was hacked, it is clear that this can happen to anyone.

Of course, technological safeguards are critical to security, however operations and policy play a crucial role as well. The steps outlined below focus on tips that involve measures that go beyond technology.

  1. Plan on a Prudent Response. In a 2015 study commissioned by the Office of the Privacy Commissioner of Canada, only 41% of surveyed companies stated that they had policies or procedures in place that dealt with data breaches where there was a compromise of customer personal information. If an Incident Response Plan is made ahead of time in order to deal with a cybersecurity breach, a company will be in a position to respond quickly in a manner that mitigates harm to the business and to third parties (such as customers). Companies who do not make such a Plan are often caught flat-footed and fumble through an incident, and increase the risk of complaints to regulators and class action or other lawsuits.
  2. Build an Effective and Safe Cybersecurity Workforce. Robust recruitment processes that properly vet candidates will help ensure that the hiring of problematic employees is avoided. Unfortunately, many attacks come from inside an organization. Background checks are an important tool in the screening process. Employees play a key role in helping to prevent cybersecurity incidents. Proper training is key, and will enable employees to spot suspicious activities and events, and report them to the appropriate personnel. Employees are the single most important group of people who can help to reduce unintentional errors and technological vulnerabilities.

Read more here

#CyberFLASH: Canadian soccer players among latest Olympians to have medical data hacked

oly-soc-womensFour members of the Canadian women’s soccer team – Christine Sinclair, Sophie Schmidt, Rhian Wilkinson and Melissa Tancredi – were among athletes targeted on Monday in the latest leak of confidential medical documents.

The world anti-doping agency (WADA) says the information was hacked by a Russian cyber espionage group.

Olympic champions Mo Farah, Rafael Nadal, Justin Rose were also among those targeted.

Therapeutic Use Exemptions, or TUEs, allow athletes to take banned substances for verified medical needs and there is no suggestion any of those named have broken any rules.

None of the Canadian players named had any such exemptions at the time of the Rio or London Games, and the leaked documents show the exemptions they had for the use of Salbutamol had expired in January of 2009.

Salbutamol is a medication used to open the large and medium airways in the lungs.

Olympic champions targeted

Britain’s Farah became only the second man to retain the 5,000 and 10,000 metres Olympic titles at the Rio de Janeiro Games last month while compatriot Rose won the first gold medal in golf for 112 years.

Spaniard Nadal, a 14-times tennis grand slam winner, won Olympic men’s doubles gold with Marc Lopez. He also won the men’s singles title at the 2008 Beijing Games but missed London 2012 due to a knee injury.

Read more here

#CyberFLASH: ‘Unprecedented’ number of online privacy breaches reported in Alberta

edmonton-alta-may-13-2015-jill-clayton-the-informatioAlberta’s privacy commissioner is seeing an “unprecedented” number of breach reports under the province’s Personal Information Protection Act, including e-commerce hacks, ransomware and phishing scams.

A 15-member committee is in the midst of reviewing the act, which was last updated in 2010, and Wednesday heard suggestions from 10 presenters.

That included provincial privacy commissioner Jill Clayton, who told Postmedia afterwards that while she doesn’t think the act is a broken piece of legislation, she would like to see it tightened in a few areas, including extending it to cover non-profits and requiring organizations to have privacy management programs in place.

Clayton would also like to see the act address transparency reports when private organizations are compelled to disclose information to law enforcement or government agencies, including the number and nature of requests and disclosures, and their legal authority.

She said government agencies and law enforcement are increasingly relying on personal information collected by the private sector but, as the law stands, there’s no way for people to know the number, scale, frequency of or reasons for disclosures without consent.

“I think the public might be surprised at how often private sector businesses are giving up information to police, to law enforcement,” she said.

“The idea of transparency reports is to shine a light on that kind of disclosure.”

Read more here

#CyberFLASH: New data breach notification standards should be flexible, adaptive, ITAC says

a-woman-uses-her-computer-keyboard-to-type-while-surfing-the-internet-in-north-v

As Innovation Science and Economic Development Canada (ISED) prepares to release a second version of the country’s new data breach notification standards this fall, the Information Technology Association of Canada (ITAC) hopes the latest proposed regulations will take a flexible, outcome-based approach, while also providing a grace period to give businesses time to adjust.

“We want there to be an appropriate balance between the need to protect Canadians by notifying them of data breaches, and the costs and challenges sometimes faced by businesses in in doing so,” ITAC senior director David Messer tells ITBusiness.ca.

Since 2015, data breaches have been governed by the Personal Information Protection and Electronic Documents Act (PIPEDA), a law passed in 1998 to regulate how non-government organizations (excluding charities and not-for-profits) were allowed to collect, use, disclose, and dispose of personal data.

Under PIPEDA’s current regulations, organizations are responsible for all personal information within their control. They must also acquire consent from anyone whose data they collect; protect the information collected from loss or theft; and report data breaches that compromise its security to both the government, through the Office of the Privacy Commissioner; and to affected individuals, so they can take the steps necessary to mitigate damage; to ensure compliance with the act.

Consumers, meanwhile, have a right to examine their personal information, challenge its accuracy, and may withdraw their consent to provide said information at any time.

Read more here

#CyberFLASH: Eddie Bauer customer data hacked

eddie-bauer-bankruptcyAnyone who shopped at an Eddie Bauer store this year should be on the lookout for unusual activity in their payment card account statements, the chain has warned.

The company announced that the point-of-sale system at its more than 360 retail stores in Canada and the United States had been infected with malware.

The malware infection could have given hackers the ability to access customers’ payment card information.

Payment card information used for online purchases at eddiebauer.com was not affected.

“We have fully identified and contained the incident,” said Eddie Bauer CEO Mike Egeck. “In addition, we’ve taken steps to strengthen the security of our point of sale systems to prevent this from happening in the
future.”

Free ID protection offered

Eddie Bauer says its terminals were infected on various dates between Jan. 2 and July 17 this year.

The retailer says not all cardholder transactions were affected. But it says it will offer free identity protection services for a year to all customers who made purchase or returns during that six-month period.

Eddie Bauer said it is in the process of notifying customers whose payment card information may have been accessed.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.