#CyberFLASH: CRA data breach should be the final straw

image-12If heads don’t roll after the latest security debacle at the Canada Revenue Agency, they should.

The tax agency revealed yesterday that a spreadsheet containing detailed information on a number of high-profile Canadians, including former PM Jean Chretien, author Margaret Atwood, ex drug czar Richard Pound and media mogul Moses Znaimer, had been sent to the CBC. The 18-page file included names, home addresses, and details of donations made to Canadian museums and galleries.

In a statement released late yesterday, CRA Commissioner Andrew Treusch attributed the accidental release of the personal information to human error, and said it “constitutes a serious breach of privacy.”

The CBC said it received the file electronically in response to an Access to Information Request. In a move that surprises no one, Treusch said the agency “has launched an internal investigation into the privacy breach and its security protocols.”

Read more here

#CyberFLASH: RCMP failed to keep records on warrantless access, watchdog says


OTTAWA—There’s no way to know if the RCMP complied with privacy laws in requesting Canadians’ personal information without a warrant, or even how often the Mounties made such requests, according to Ottawa’s privacy watchdog.

Privacy Commissioner Daniel Therrien said his office was not able to track how often the national police force requested access to Canadians’ personal information without a warrant — because the RCMP don’t track that information themselves.

“We were disappointed to find that limitations in the RCMP’s information management systems meant we were unable to assess whether such controls were in place,” said Therrien, in a statement.

“It was not possible to determine how often the RCMP collected subscriber data without a warrant. Nor could we assess whether such requests were justified.”

Therrien’s office revealed they were formally reviewing the RCMP’s warrantless access practices after the Star and the Halifax Chronicle Herald reported that police forces asked nine telecommunications companies for their customers’ information 1.2 million times in 2011 alone.

Read more here

#CyberFLASH: New counterterrorism powers already coming in cyberbullying bill

attack-powers28nw2Police in Canada will soon have new tools to track terror suspects through online records, bank accounts and other means – powers the RCMP Commissioner called for this week but which are already moving through Parliament.

RCMP Commissioner Bob Paulson made the request for new powers Monday after a pair of attacks last week that killed Warrant Officer Patrice Vincent and Corporal Nathan Cirillo. The Commissioner said police should, in some cases, need less hard evidence to get court approval to track suspects or to monitor them online or by phone.

However, police are already getting some of those powers. Bill C-13, the government’s anti-cyberbullying law with several controversial surveillance powers, would allow police to seek court orders for information, such as online records and bank account details, with what critics and privacy advocates say is too little evidence to back up the request.

The killing of the two soldiers has spurred Canada to review what powers it gives police to investigate terror cases, setting up a showdown over privacy rights.

Read more here

#CyberFLASH: ISIS supporter hacks website of University of New Brunswick Student Union


The University of New Brunswick Student Union has made a statement to the RCMP after their website was hacked by someone posting messages in support of the terror group ISIS.

On Monday night, the website was hacked by “Team System Dz,” with the header “I love you, ISIS” on top of the page.

The message on the website continued, “the state of Islam and the list expands, God willing… this time is a time of Islam and victory and lift the injustice for Muslims and the elimination of America and the allies of the infidels will not keep silent.”

The hacked message, in barely comprehensible English, was left on the website for about two hours.

“We were notified this evening that our website has been hacked, and have contacted our website provider and the RCMP. We are very concerned and upset about what has happened to our website and will be doing our best to rectify this situation as soon as possible,” the UNB Student Union said on their Facebook account Monday night.

Read more here

#CyberFLASH: Cybercrime: an overview of incidents and issues in Canada

 n-ONLINE-SPYING-CANADA-large570Cybercrime: an overview of incidents and issues in Canada is the RCMP’s first report on cybercrime, and focuses on aspects of the cybercrime environment that affect Canada’s public organizations, businesses and citizens in real and harmful ways.

This report covers a broad range of criminal offences where the Internet and information technologies are used to carry out illegal activities. It describes select crimes in Canada’s digital landscape to show the rising technical complexity, sophistication and expansion of cybercrime. While difficult to measure, these crimes show no sign of slowing in Canada.

The RCMP breaks cybercrime into two categories:

technology-as-target – criminal offences targeting computers and other information technologies, such as those involving the unauthorized use of computers or mischief in relation to data, and;
technology-as-instrument – criminal offences where the Internet and information technologies are instrumental in the commission of a crime, such as those involving fraud, identity theft, intellectual property infringements, money laundering, drug trafficking, human trafficking, organized crime activities, child sexual exploitation or cyber bullying.

Read more here

#CyberFLASH: Rise of the surveillance state


We have entered an age in which our conceptions of privacy and confidentiality are being redefined. Internet technologies such as email and the World Wide Web have made global communication easier, cheaper and faster than at any point in the history of civilization, but these technologies come with inherent privacy risks: Tools such as social media have blurred the lines between what is personal and what is public.

Our online activities leave digital breadcrumbs that show who we talk to, and when and where we talk to them. There is an appetite among law-enforcement agencies for access to that information, and the technology used to gather and analyze this data is becoming ever more powerful. While surveillance is sometimes necessary, we must strike a balance between the needs of law enforcement and the privacy expectations of Canadians.

Democratic governments around the world are passing laws that give law-enforcement agencies greater access to online information. The government of Australia is currently debating legislation that would give its national security agency sweeping powers to access information about its citizens’ use of the Internet.

Read more here

#CyberFLASH: RCMP seeking to double the size of its Ottawa-based digital crime-fighting unit


From investigating a major security breach at a federal agency to sifting through tons of emails in the Senate expenses probe, it’s been a busy year for the RCMP’s national cybercrime team in Ottawa.

So busy, in fact, that the Integrated Technological Crime Unit is looking to grow. While officials won’t say so publicly, a source told Postmedia News that the RCMP is seeking to almost double the size of the 12-member team.

While most RCMP divisions have cybercrime units, the one located in National Division is unique in that it specializes in responses to security breaches involving federal departments and assists in “sensitive” investigations of national interest.

Insp. Jeff Beaulac, officer in charge of technical investigation services at National Division, said he couldn’t discuss expansion plans but acknowledged that the team is in high demand.

“In the past we would seize one computer and analyze the data, now we deal with a multitude of devices and the data examination has grown substantially. We’ve gone from gigabytes to terabytes,” he said.

Read more here

#CyberFLASH: State has virtually unfettered access to eavesdrop on you


The question is no longer whether Big Brother is watching us. The question is how many of his sibling state agencies are covertly tuning into our private communications?

News last week that the RCMP and CSIS are apparently using a covert device to track cellphone users without judicial oversight came and went quietly. Is this a sign that Canadians have become used to living in a post-privacy woerld? Or that we are so fatigued by continuous revelations about state intrusions that we lack the energy to react?

Whatever the case, the upshot is that we have quietly acceded to a profound change in human communication patterns, one that has reaped the state an informational bonanza. Unless we engage in a national debate — and soon — the end of privacy may be upon us.

Just over 40 years ago Parliament gave us a rigorous wiretap law; elaborate mechanisms that live on as a legacy of an era when personal privacy was a prized civil liberty.

Digital data surveillance, in contrast, is an open plain of unrestrained opportunity for official snoopers. The state has virtually unfettered access to eavesdrop or read every single personal communication with no mechanism for accountability.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.