#CyberFLASH: River Cree casino hacked, customer information compromised

The River Cree casino says it was the victim of a “cyberattack” earlier this week that resulted in the theft of customer and employee information.

The casino, on the Enoch Cree First Nation just west of Edmonton, said it discovered the attack on Monday and immediately alerted the RCMP, the Alberta Gaming and Liquor Commission, the office of the Alberta privacy commissioner and a top cyber-security company.

“We knew our system was hacked, because over the weekend we experienced a lot of trouble using our system, and our systems going down,” said Vik Mahajan, general manager and chief operating officer of the casino.

“It seems like a pretty sophisticated attack.”

Many such attacks are conducted by hackers from outside the country, he said.

Mahajan said the casino has no idea yet how many people may have lost personal information.

River Cree president Robert Morin said in a statement the casino is in the process of contacting people whose information may have been compromised, and will set up a hotline to offer recommended steps they can take to protect themselves.

#CyberFLASH: Ottawa Hospital hit with Ransomware, information on four computers locked down

The Ottawa Hospital has confirmed that four computers in its network of 9,800 were hit with ransomware last week, which encrypted the information on those machines, making it inaccessible to hospital administrators.

“No patient information was affected. The malware locked down the files and the hospital responded by wiping the drives,” said Kate Eggins, a spokeswoman for the hospital. “We are confident we have appropriate safeguards in place to protect patient information and continue to look for ways to increase security. We would like to reiterate that no patient information was obtained through the attempt.”

The hospital wouldn’t divulge what was on the machines that were infected. However, Eggins said the machines were wiped clean of the infection and the information on the computers was restored, as backup copies of the data were available.

The infection on the Ottawa Hospital systems comes at a time when ransomware is surging to a fever pitch, attacking personal home computers and businesses alike. Ransomware, which is a virus and not an attempt to hack a computer system, starts by tricking a computer user into installing malicious software on a personal or work computer.

The dangerous software usually comes in the form of a spam email, which is being sent in the form of an invoice, a website or video.

When the computer user opens the attachment, the software then gets to work encrypting all of the data on the user’s computer. By encrypting the data it locks out the user, making the data inaccessible to the computer user. In order to regain access to the files on the computer, the user is forced to pay a ransom. The ransom is usually requested in Bitcoin, which cannot be traced. However, there is no guarantee that paying the ransom will see the data on the machine unlocked.

#CyberFLASH: New CGI insider threat advisory services help government and private enterprise address critical cybersecurity issue

MONTRÉAL – Today, CGI announced an important new offering – delivering strategic advisory and implementation services to help global government and commercial clients address cybersecurity threats that come from trusted insiders, such as current employees, contractors or business partners.

In CGI’s annual Voice of Our Clients program, 965 in-person interviews with commercial and government organizations around the world identified cybersecurity as a top 5 issue. They stated that this threat is becoming increasingly important as they transform to customer-centric digital organizations.

CGI’s program enables global organizations to become more proactive in their approach to mitigating insider risks by focusing first on cultural and behavioral change so organizations and employees alike view seemingly normal, everyday actions of employees through an insider threat “lens.” The program helps organizations analyze and correlate disparate data sources to uncover potential risks and threats.

“An active insider threat risk management program should be an integral part of security for every organization,” said Michael E. Roach, President and Chief Executive Officer, CGI. “Emanating from our extensive work in the United States this critical capability is now available to companies and governments world-wide.”

CGI helps clients integrate an improved security posture into their culture in light of today’s ongoing security challenges. Insider threat program advisory services aid clients in defining a taxonomy for insider threat that reflects the organization’s culture and operations, mapping their risk profile, and creating a playbook for response and mitigation. The program uses sophisticated methodologies and creates a governance model for ongoing program management. CGI provides a wide range of program implementation services, from Insider Threat Program Office setup to ongoing monitoring services. Monitoring services can be provided as a managed service or on client premises.

#CyberFLASH: Can business and government ensure Canada’s cybersecurity?

Business finds itself on the front lines of global conflict these days like never before. Consider the high-tech assault on Turkey’s banking system, which disrupted credit card transactions and online services last December in the midst of tensions with Russia. Or the computer systems breach at the Warsaw Stock Exchange in October, 2014, claimed by Islamic State. When there is geopolitical tension – it does not have to be a declared conflict – cyberattacks by state or state-sponsored organizations are now inevitable.

These attacks have two main purposes. The first is to inflict immediate damage, by disrupting services and stealing information. The second, more pernicious, is to intimidate. And enterprises are not the only targets. There have been countless intrusions into the systems of government defence organizations and other departments in Europe and the United States in recent years.

Canadian businesses generally take this threat seriously and are investing significant resources to safeguard the integrity of their data. However, should we come under attack from foreign states, we expect our own government to have some role in protecting us against such attacks. It is imperative that Canada step up its game.

Prime Minister Justin Trudeau’s government has stated its intention to conduct an in-depth review of Canada’s defence strategy by the end of 2016. In light of the growing number of geopolitically motivated cyberattacks around the world, this important policy exercise must include cybersecurity as an integral component of defence strategy.

#CyberFLASH: 51% of Canadian respondents to cybersecurity study have experienced loss or exposure of sensitive information

More than half (51%) of Canadian respondents to a cybersecurity study have experienced an incident involving the loss or exposure of sensitive information within the last 12 months, Toronto-based IT firm Scalar Decisions Inc. said on Tuesday.

Commissioned by Scalar, the second annual security study involved a survey of 654 IT and IT security practitioners in Canada, with research independently conducted by Ponemon Institute. Respondents – the majority of whom reported their position at or above the supervisory level – came from a wide variety of industries and nearly two-thirds worked at companies with between 251 and 5,000 employees in Canada, said Scalar, which has offices in Vancouver, Edmonton, Calgary, Winnipeg, London, Toronto, Ottawa and Montreal.

Respondents to the survey, titled The Cyber Security Readiness of Canadian Organizations, reported an average of 40 cyberattacks per year, an increase of 17% over last year’s report. Seventy per cent reported that their organizations experienced situations where exploits and malware have evaded their intrusion detection systems, and 82% said that cyberattacks evaded their antivirus solutions.

On average, over the last 12 months, organizations spent approximately $7 million each on the following: damage to reputation and marketplace image ($2.6 million); damage or theft of IT assets and infrastructure ($1.6 million); disruption to normal operations ($1.1 million); lost user productivity ($950,625); and clean up or remediation ($766,667). With organizations reporting an average of 40 attacks per year, this makes the average cost per attack approximately $175,000.

In terms of response, only 38% of respondents said that their organizations have systems and controls in place to deal with advanced persistent threats (APTs), and organizations have an average of almost one separate APT-related incident per month, the study found. IT downtime, business disruption and theft of personal information were the primary consequences of APTs or zero-day threats experienced.

#CyberFLASH: Privacy Class Actions are on the Rise in Canada

There is a new trend in Canada towards privacy class actions being launched following a cybersecurity breach or an improper disclosure of personal information. Indeed, privacy class actions triggered by data breaches are growing in popularity in Canada, with between twenty and thirty privacy class actions currently pending or already certified. These lawsuits follow either a cybersecurity or another similar data security breach, or the launch of a new privacy-sensitive product or innovative marketing program.

On the data security front, businesses, particularly small to mid-size entities, often lack breach response policies, proper governance tools, and employee privacy training programs to prevent or promptly respond to breaches. They lack cybersecurity preparedness, which makes them vulnerable to privacy class actions following a security breach involving personal information.

On the privacy front, many businesses have recently received bad press because of new advertising programs, online business models and services. Canadian businesses have been capturing and analyzing large amounts of data for years and they are now at the point where they want to use this data. For instance, they are looking to sell analytic tools allowing others to obtain more insights into their (actual or potential) customers or to provide more personalized products, services or advertising, both online (i.e. mobile) and offline, sometimes even using location data.

#CyberFLASH: Military hard drive containing personal information found by Halifax man

A hard drive containing information believed to belong to the Canadian military is sitting in the closet of a Halifax man.

“It seemed to me like some of the documents contained information on personnel that I probably, or nobody, should be able to access unless they had the proper clearance,” Pete Stevens told Global News Friday.

Stevens found the hard drive at a recycling depot in Dartmouth almost a year ago. When he finally went to use it, he was surprised by what he found.

“I ran a recovery software and I basically saw some files that, basically, should have been deleted from the previous owner.”

The hard drive contains hundreds, if not thousands of pages of information. According to Stevens, he was able to locate encrypted emails, training manuals and blueprints within minutes of searching the drive.

Most of the information appears to be from the years 1999-2006 and deals with HMCS Halifax.

David Fraser, a privacy lawyer in Halifax, says no matter how old the information is, it’s not supposed to wind up in the hands of someone without proper clearance.

#CyberFLASH: Former Rouge Valley hospital clerk fined $36K for selling patient info

TORONTO — Former hospital clerk Shaida Bandali has been sentenced to two years’ probation, 300 hours of community service and $45,000 in penalties for handing over the personal information of new mothers to investment dealers peddling education savings plans.

Bandali pleaded guilty in August to one count of unregistered trading. On top of a $36,000 fine, Bandali must pay a $9,000 victim surcharge that goes toward a provincial fund that assists the victims of crime.

The Ontario Securities Commission alleged that she breached the confidentiality policies of her employer, the Rouge Valley Hospital group, to access the personal data of maternity patients and distribute it to one or more people selling Registered Education Savings Plans.

The OSC said Bandali created investor lists by using her unauthorized access to get patient information and selling those lists to RESP agents for cash.

Ontario Superior Court Judge Kathleen Caldwell said the fine reflected the seriousness of Bandali’s breach of trust.

“All of the victims had recently given birth and were thus, by definition, at a very stressful and vulnerable, albeit joyous, time in their lives,” Caldwell said in her decision.
