The U.S. FBI and its European partners infiltrated and shut down a major global malware network used for more than 15 years to commit a gamut of online crimes. Some 40 ransomware attacks in one 18-month period had netted the Qakbot controllers approximately US$58 million. [node:read-more:link]
Personal records of more than 1.4 million Albertans were cyberattacked through a company’s IT system in July. Alberta Dental Service Corporation confirmed that a “third party” was able to obtain names, addresses and potentially banking information and that some health providers’ corporation information appeared to be affected too. [node:read-more:link]
The U.S. has disclosed that Chinese hackers were able to target unclassified U.S. email accounts through a vulnerability in Microsoft cloud security in June. [node:read-more:link]
The Communications Security Establishment warned today that Russia-aligned non-state actors will continue trying to compromise Canada’s petroleum sector. “The intent of this activity is very likely to disrupt critical services for psychological impact, ultimately to weaken Canadian support for Ukraine,” it said in its latest threat assessment. “This activity will almost certainly continue for the duration of the war, and will likely increase as Russia’s invasion efforts falter, or new support for Ukraine is announced.” [node:read-more:link]
A 2021 ransomware attack on Newfoundland & Labrador’s health-care IT systems was “almost an inevitability,” says Sean Murray, research director for the province’s information and privacy commissioner. “Sometimes mistakes happen and accidents happen (but) in our estimation, that is not what happened,” he said today. “It was pretty clear that we did not have in this province appropriate cybersecurity measures in place […] and that was the major contributor.” [node:read-more:link]
The latest cybersecurity survey by Texas-based SolarWinds shows that foreign governments’ activities are the top concern for IT professionals at all levels of government in the U.S. Some 60 per cent of respondents ranked them as one of the greatest threats in 2023 compared with 41 per cent two years earlier. “More and more nation states use the cyber landscape to execute aggressive espionage campaigns, as well as other cyberattacks like ransomware and spyware,” says SolarWinds Vice-President Brandon Shopp. [node:read-more:link]
Unsolicited calls offering consumers financial or insurance products are to be prohibited by the British government as part of a crackdown on the increased prevalence of fraud. The initiative is to be backed by an increase in the government’s fraud squad to 500 personnel from 120. [node:read-more:link]
A pro-Russia hacker group has claimed responsibility for a cyberattack on Hydro-Québec early today. A utility spokesperson said “our security quickly detected the attack therefore our critical systems were not impacted” and no personal data was compromised. [node:read-more:link]
The Italian National Authority for Personal Data Protection today ordered an immediate but temporary ban on access to the increasingly popular ChatGPT application. It said that the chatbot “suffered a data breach on March 20 concerning users’ conversations and payment information of subscribers.” The agency criticized the application’s owner, San Francisco-based OpenAI, for not giving users information on how their data is collected. The European police agency warned earlier this week that criminals were ready to take advantage of chatbots to commit fraud and other cybercrimes. [node:read-more:link]
Effective February 28, all federal government mobile device will be banned from using Tik-Tok. Confirmed the decision today, Treasury Board President Mona Fortier said there is an “unacceptable level of risk to privacy and security” and the Chinese-owned social media app’s data collection leaves users vulnerable to cyberattacks. [node:read-more:link]
Leading up to the invasion of Ukraine a year ago, Russian hackers began laying the foundation for an unprecedented cyber onslaught not just against Kyiv but also its NATO allies. That digital campaign went into overdrive alongside the kinetic attack but the Google-owned Mandiant cybersecurity firm reported February 16 that Moscow seems unable to keep up the pace for now. [node:read-more:link]
Yevgeny Prigozhin, head of the Russia mercenary Wagner Group, disclosed February 14 that he also financed the Internet Research Agency, a “troll farm” the U.S. says meddled in the 2016 presidential election. “I created it, I managed it for a long time,” he said on social media. “It was created to protect the Russian information space from the West’s boorish and aggressive anti-Russian propaganda.” [node:read-more:link]
New York-based Chainalysis, which analyzes the cryptocurrency market, reported February 1 that North Korea-backed hackers stole US$1.7 billion in 2022, nearly quadruple their theft in 2021 and accounting for 44 per cent of all cryptocurrency hacks last year. Critics say North Korea uses the proceeds to accelerate nuclear weapons development. [node:read-more:link]
The Communications Security Establishment confirmed February 2 that it had issued a threat report to Canadian organizations about LockBit, a prolific Russia-linked ransomware group known for targetting hospitals and transit systems. A CSE official said LockBit was responsible for 22 per cent of attributed ransomware incidents in Canada last year and will pose an “enduring threat” going forward. [node:read-more:link]
The growing role of artificial intelligence in cyber attacks is a “double-edged sword” and a “huge challenge” for NATO, according to David van Weel, Assistant Secretary-General for Emerging Security Challenges. ““Artificial intelligence allows defenders to scan networks more automatically, and fend off attacks rather than doing it manually,” the Dutch national says. “But the other way around, of course, it's the same game.” [node:read-more:link]
