#CyberFLASH: 2 Canadian companies approached by China after NRC cyberattack

online-surveillance-20141030Two Canadian companies were approached by Chinese businesses shortly after the National Research Council’s computers were hacked this summer, leaving them wondering whether the approach and the attack were linked.

Documents released under the Access to Information Act and obtained by CBC News offer insight into the consequences for private sector interests when a government institution they work with is breached.

The two companies were among those notified by the NRC in the days after the cyberattack that their data had been hacked. Both were subsequently approached by Chinese companies about their businesses.

The federal government blamed the attack on a Chinese state-sponsored actor.

One Canadian businessman wrote an email to the NRC saying, “It’s somewhat ironic, that Canada’s premier R&D organization, the NRC, although cutting edge with many new technologies, doesn’t seem to have equivalent cutting-edge protection of its computer networks setup.”

Read more here

#CyberFLASH: NRC hacks a security wake-up call

Quebec hacker

It could take a year or more for the Canadian government to recover after its chief information officer confirmed Chinese statesponsored hackers were found to be breaking into the networks of the National Research Council.

This “cyber intrusion’ into the NRC’s computer network was detected and confirmed by Communications Security Establishment Canada, which is now working with IT experts and security partners to create a new secure IT infrastructure for the NRC and the broader federal government.

It could take at least a year, officials say, simply to mitigate the risk of future cyber threats of this nature.

Meanwhile, data security companies working in the private sector are coming forward with suggestions for the NRC specifically, and Canadians in general, on how to better protect themselves online.

CloudMask, for example, is an information technology and security company based in Ottawa. It has received certification for its security technology by Shared Service Canada (SSC) for integration with its security infrastructure.

Read more here

Cloud computing law puts Canadian users at risk of snooping by American spies


OTTAWA — American spies can snoop through Canadians’ computer data — including that of political organizations and without warrants — if the data resides within popular U.S. cloud computing services, says a former Microsoft executive.

In a report commissioned by the European Parliament, former Microsoft chief privacy adviser Caspar Bowden reveals, “it is lawful in the U.S. to conduct purely political surveillance on foreigners’ data accessible in U.S. clouds,” operated by U.S. firms such as Google, Microsoft, Apple, IBM and others.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.