#CyberFLASH: Trudeau government to take on cybersecurity threats

keyboardOTTAWA — With Internet-based child sex-ploitation crimes skyrocketing, the Justin Trudeau government intends to launch a “credible and comprehensive” review this spring of cybersecurity threats in Canada.

Officials with Public Safety Canada said Thursday that while the details of that review are still being hammered out by Public Safety Minister Ralph Goodale, a review will determine how Canada can best deal with everything from online predators to digital jihadists.

Kathy Thompson, the assistant deputy minister in charge of the Community Safety and Countering Crime Branch at Public Safety Canada, said while the crime rate continues to decline across the country, “there are some exceptions. One of those exceptions is child sexual exploitation over the Internet — that is going up exponentially, year over year.”

Thompson made her remarks at the House of Commons Public Safety and National Security Committee, where MPs are looking for topics their group can zero in on during the current parliamentary session.

A cybersecurity review that looks at legal gaps and shortcomings in police resources could form a plan for the way the Trudeau government approaches law-and-order issues.

“It is our intent to conduct a review that is going to be credible and comprehensive and reaches out to all stakeholders across Canada. And also to our international partners,” said Monik Beauregard, the senior assistant deputy minister at Public Safety’s national and cyber-security branch.

Liberal MP Marco Mendocino, a former Crown prosecutor who played a key role in putting some of the Toronto 18 terrorists in jail, told the committee he is particularly concerned about financial crime — the use of computers and telecom networks by organized criminals, including terrorists, to move and hide money — as well as the use of social media as a breeding ground for online hatred and incitement.

“The fact that we are now so invested in cyberspace can make us vulnerable,” said Mendocino.

Read more here

#CyberFLASH: Russian hackers accused of stealing billions of IDs


VANCOUVER – Should you be concerned about thieves getting your credit card information or using your identity?

Many people are after Russian hackers stole more than 1.2 billion user names and passwords from websites around the globe.

It is being called the largest data breach in history.

Hold Security says more than 420,000 websites, including many leaders in industries around the world were hit.

It says the hackers not only targeted the companies but also every site that their victims visited.

Raymond Yu with BCIT’s School of Computing and Academic Studies explains how so many people were affected.

“When they hack into a user account within the user account, you may also have other contacts you see, sort of like a chain reaction so the magnitude is actually quite large.”

Victor Beitner, President of Cyber Security Canada says thieves can do a lot with this information.

“You could lose your identity. They can try these passwords in social media accounts like your Apple account. They can purchase gift cards. There is a lot of online services that allow you to login with one user name and password.”

Read more here

#CyberFLASH: Mock email scam at Justice Canada snares hundreds of bureaucrats


OTTAWA—Many of the Justice Department’s finest legal minds are falling prey to a garden-variety Internet scam.

An internal survey shows almost 2,000 staff were conned into clicking on a phoney “phishing” link in their email, raising questions about the security of sensitive information.

The department launched the mock scam in December as a security exercise, sending emails to 5,000 employees to test their ability to recognize cyber fraud.

The emails looked like genuine communications from government or financial institutions, and contained a link to a fake website that was also made to look like the real thing.

The Justice Department’s mock exercise caught 1,850 people clicking on the phoney embedded links, or 37 per cent of everyone who received the emails.

Read more here

#CyberFLASH: Pressure’s mounting for IT departments: Trustwave


IT professionals are feeling more under pressure than ever, thanks to a wave of security threats, high expectations from executives, and new technologies entering the workplace, according to a new survey from security solutions provider Trustwave Holdings Inc.

Comparing 2013 to 2014, 58 per cent of respondents said they feel more pressure to ensure their companies are secure. The survey polled 833 IT decision-makers in Canada, the U.S., the U.K., and Germany. While the bulk of the survey’s respondents were based in the U.S., 101 of them were from Canada.

Within Canada, the number of respondents feeling more pressured was a little lower, at 54 per cent. But for many of the Canadian respondents, there were still serious concerns around possible threats, the biggest one being malware and advanced persistent threats among 63 per cent of those polled.

Read more here


#CyberFLASH: Canadian retailers need to shake their computer security complacency


The term “buyer beware” used to mean that you might regret the purchase you were about to make. Now it basically serves as a warning that no matter where you shop, your personal data may be at serious risk.

This week, following the recent high-profile computer security attacks at Target, Nordstrom and other major U.S. merchants, the Retail Industry Leaders Alliance based in Arlington, Va. announced the formation of a council that will focus on cybersecurity issues and a push for better laws to notify consumers when an attack occurs. In Canada, meanwhile, major Canadian retailers announced … nothing.

Part of the problem, according to Toronto-based security and privacy consultant Claudiu Popa, is that Canada has been ahead of the U.S. in some areas, like our adoption of chip and PIN technology on credit and debit cards. The U.S. is still largely a mag-stripe market (though the retail association hopes to change that soon).

Read more here

Cyber threats to Canada gaining momentum


A new form of cybercrime is gaining momentum and anti-virus software can’t protect against it. It’s called an advanced persistent threat, or APT, and according to a new report many Canadian organizations are at risk.

Canada relies on computer networks like power grids, irrigation systems and online banking, every minute of every day. As those systems become more complex, so do the cyber attacks launched against them.

A new report by internet security company Fortinet finds Canada has become a prominent target for an APT, which is a network attack where someone gains access to your system and stays there undetected for a long period of time. 

Read more here

Canada’s privacy laws inadequate for digital age, watchdog says

Jennifer Stoddart

Canadians’ trust in the digital economy is at risk because our laws don’t have enough teeth to compel companies to protect consumers’ privacy, Canada’s privacy commissioner says.

“It is increasingly clear that the law is not up to the task of meeting the challenges of today – and certainly not those of tomorrow,” Jennifer Stoddart said Thursday when she released a report recommending changes to Canadian privacy legislation governing the private sector.

Read more here

69% of surveyed Canadian businesses experienced cyber attack in a 12-month period: report


“Across business communities, there is a general lack of strategy, procedures and trained personnel to combat cyber crime,” notes the survey report, Study of the Impact of Cyber Crime on Businesses in Canada: Fighting Cybercrime Together.

The report suggests two factors could be responsible for the lack of preparedness: the damages (financial or reputational) caused by cyber attacks have not been significant to merit shifts in attitudes and behaviour; and/or organizations do not have enough awareness and knowledge of what strategies they should be implementing to minimize their vulnerability against such attacks.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.