#CyberFLASH: University of Calgary calls cyber insurance invaluable

The University of Calgary is urging other institutions to purchase cyber insurance, saying in their case, it has paid off.

Officials dissected a recent malware attack, the school’s response — and the changes they’ve made — at a well-attended campus town hall Friday afternoon.

Linda Dalgetty, vice president of finance and services, says the school bought cyber insurance last year and although it didn’t cover the $20,000 ransom the school paid, it was invaluable in other ways.

“In fact one of my messages coming out of this to my peers, both in Alberta and across Canada, is this is a good thing for you to have,” Dalgetty said.

“And again not just because it’s that monetary recovery, it’s the value that we had from helping us going through a difficult time with this malware crisis.”

She says the insurance came in handy hours after the school bought it.

“It was quite interesting, we made the decision to buy it, it went live on I think a Friday morning at 12:01 a.m., and our first phishing attack was at 2 a.m. that day, so it was very coincidental,” she explained.

#CyberFLASH: Malware infection of University of Calgary computers partly fixed

IT teams at the University of Calgary have succeeded in partly eradicating a malware attack that had officials warning students and staff not to use any school-issued computers Monday morning.

The malware is still affecting the school’s Exchange email, Skype for Business, secure wireless and Active Directory systems.

“Major progress has been made towards resolving current systems issues caused by malware, which is software intended to damage or disable computers and computer systems,” the U of C said in a release.

The school’s wireless network and Office 365 email systems are now operational. Exchange email and Skype for Business remain impacted, the school says.

“It is now safe to use UCalgary-issued computers to access available UCalgary networks and applications,” officials said in a release. “There are a number of users who remain impacted by the malware and they will not be able to access any UCalgary systems.”

Teams have been working non-stop to resolve the situation since it was first detected.

“It points out that anybody can be vulnerable. I don’t know how they got infected or how the malware got in there, but it’s a good lesson to everybody to be very, very skeptical if somebody tells you to download a file or click on a link or go to this webpage,” said U of C professor and cyber-security specialist Tom Keenan.

#CyberFLASH: Carleton professor fights cyberattacks from Orléans

Behind locked doors at a municipal building in the Ottawa suburb of Orléans, Tony Bailetti is quietly working on a plan to turn Canada into a global powerhouse for fighting cyberattacks.

The professor is known for nurturing more than 200 companies in his job straddling Carleton University’s business and engineering departments.

These days, he jokes that he practically sleeps at VENUS Cybersecurity, a non-profit hub he created in a former town council office.

Bailetti is preoccupied by much more than malicious software nabbing credit card data from retailers like Target.

His eye is on big intrusions — the idea that cyberattackers could take down power grids and water systems, or remotely take over control of cars from their drivers.

And his goal is to have Canada “playing with the bigger boys and girls” to tackle the global problem of cybersecurity in fewer than five years.

“The people who have investments in critical infrastructure — we will be the go-to guys,” Bailetti said.

‘Bell-Northern Research of cybersecurity’

VENUS Cybersecurity was announced to great fanfare at a press conference at Ottawa’s City Hall in November 2013.

Politicians boasted that VENUS would create much needed jobs in the eastern suburb — and Bailetti has done that, though these are no run-of-the-mill jobs.

He has assembled some two dozen bright minds, many who have PhDs or are graduates of Carleton’s technology innovation management program. Some do research and development. Others conduct tests offsite.

#CyberFLASH: CRTC launches Niagara malware investigation

The warrant was obtained as part of an ongoing investigation relating to the installation of malicious software (malware) and the alteration of transmission data. The CRTC launched its investigation following a lead from FireEye Inc., a vendor specializing in cyber threat protection and forensics.

“We are working to protect Canadians from online threats by pursuing those individuals and entities who violate Canada’s anti-spam legislation,” Manon Bombardier, CRTC’s chief compliance and enforcement officer, said in a news release. “We are grateful for the assistance that FireEye Inc. provided which led to the execution of this warrant, and we will continue to work closely with our domestic and international partners in the fight against cyber threats.”

Canadians are encouraged to report spam, malware and other electronic threats to the Spam Reporting Centre. The information sent to the Centre is used by the CRTC, the Competition Bureau and the Office of the Privacy Commissioner to enforce Canada’s anti-spam legislation.

The CRTC does not comment on active investigations, nor does it name the individuals or companies under investigation.

#CyberFLASH: New cybersecurity network aims to share data on emerging threats

Leaders of some of Canada’s largest industries are creating a new network to help businesses and the public stay abreast of emerging cyber threats from malware, hackers and online criminals.

“The threat is constantly evolving. The kinds of attacks, viruses and malware are rapidly changing. Nobody has the capability of staying ahead of it all the time,” said John Manley, president of the Canadian Council of Chief Executives, which is spearheading the program.

Billed as the CCTX — or the Canadian Cyber Threat Exchange — it is set to launch in early 2016.

It will be run as an independent, not-for-profit organization open to business and institutions of all sizes. Its founding members include Air Canada, Bell Canada, CN Rail and HydroOne, as well as Royal Bank and TD.

Confidentiality around cyber breaches

A CBC News investigation into cybercrime this fall determined Canada lags behind other countries when it comes to tracking, policing and thwarting cybercrime. Until now, Canada has had no system to track cyber incidents and private companies are not required to alert the public or customers when there is a breach.

Manley says most Canadian companies fear publicly acknowledging being a victim of a cyberattack for fear of losing business.

#CyberFLASH: Malware – the gift you don’t want re-gifted

OTTAWA – Online retail in Canada continues to increase, and according to a recent survey by TD Bank (Anatomy of an Online Shopper), more than seven in 10 (72 percent) of Canadians surveyed do at least some of their holiday shopping online.

As the online industry grows, cybercriminals are continuously finding ways to take advantage of unaware users or unsecured processes. How can you prevent this unwanted gift? For starters, simply being aware of the most common online threats — such as spam/junk mail, phishing and adware — can help ensure a safer online shopping experience.

Follow these proactive steps to help safeguard your online shopping security and privacy:

Connect to a secure network – avoid using open or public Wi-Fi. There’s a bigger chance for attackers to intercept your connection and obtain your access details, such as passwords and usernames.

Bookmark websites – to avoid typing in the wrong address, always bookmark your most trusted shopping sites.

Avoid opening unusual emails and links – to the untrained eye, distinguishing a valid email from a fake one could be a little difficult. If you want to make sure, look out for outrageous subject lines that come with “offers” that seem too good to be true. If you’re still unsure, you can double check with an official source.

#CyberFLASH: Customers at Sheraton, Westin, other hotels hit by data-stealing hack

If you stayed at a Sheraton, Westin or other Starwood hotel in the US or Canada this past year, you’ll want to keep an eye on your credit or debit card account.

Starwood Hotels and Resorts Worldwide said this week that point-of-sale systems at more than 50 of its hotels had been infected with malicious software. The malware, installed at gift shops, restaurants and other locations, let hackers make off with payment card data, including cardholder name, card number, security code and expiration date.

The company said in a statement that it has removed the malware and “implemented additional security measures to help prevent this type of crime from reoccurring.” It also said there’s no indication at this point that its guest reservation or preferred-guest membership systems were affected. The company added that there is no evidence that customer PINs or contact information were captured.

A list of affected hotels includes facilities in major cities, such as the Sheraton New York Times Square hotel, the Westin Michigan Avenue Chicago, the Westin Los Angeles Airport and Le Centre Sheraton Montreal. The Walt Disney World Dolphin hotel was also hit. Timing of attacks varied from place to place, but the earliest listed happened in November 2014, with the most recent occurring in March of this year.

#CyberFLASH: Russian cyber group seen preparing to attack banks


A security firm is warning that a group of Russian hackers known for targeting military, government and media organizations is now preparing to attack banks in the U.S. and elsewhere.

The group’s preparations, which have included writing new malware, registering domain names similar to those of intended targets, and setting up command-and-control servers, were discovered by analysts from security firm Root9B.

The group has been active since at least 2007 and is known by various names including APT28 and Pawn Storm. Several security vendors believe it operates out of Russia and has possible ties to that country’s intelligence agencies.

The group’s primary malware tool is a backdoor program called Sednit or Sofacy that it delivers to victims through spear-phishing emails or drive-by downloads launched from compromised websites.

The Root9B analysts came across a phishing domain at the end of April that was similar to that of a Middle Eastern financial institution, according to a report published Tuesday. When they dug deeper they uncovered new Sofacy malware samples and servers and domains that were being set up by the group for an upcoming operation.

Based on the information gathered so far, Root9B believes the group’s planned targets include Commercial Bank International in the UAE, Bank of America, TD Canada Trust, the United Nations Children’s Fund (UNICEF), United Bank for Africa, Regions Bank, and possibly Commerzbank.

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.