Effective February 28, all federal government mobile device will be banned from using Tik-Tok. Confirmed the decision today, Treasury Board President Mona Fortier said there is an “unacceptable level of risk to privacy and security” and the Chinese-owned social media app’s data collection leaves users vulnerable to cyberattacks. [node:read-more:link]
Leading up to the invasion of Ukraine a year ago, Russian hackers began laying the foundation for an unprecedented cyber onslaught not just against Kyiv but also its NATO allies. That digital campaign went into overdrive alongside the kinetic attack but the Google-owned Mandiant cybersecurity firm reported February 16 that Moscow seems unable to keep up the pace for now. [node:read-more:link]
Yevgeny Prigozhin, head of the Russia mercenary Wagner Group, disclosed February 14 that he also financed the Internet Research Agency, a “troll farm” the U.S. says meddled in the 2016 presidential election. “I created it, I managed it for a long time,” he said on social media. “It was created to protect the Russian information space from the West’s boorish and aggressive anti-Russian propaganda.” [node:read-more:link]
New York-based Chainalysis, which analyzes the cryptocurrency market, reported February 1 that North Korea-backed hackers stole US$1.7 billion in 2022, nearly quadruple their theft in 2021 and accounting for 44 per cent of all cryptocurrency hacks last year. Critics say North Korea uses the proceeds to accelerate nuclear weapons development. [node:read-more:link]
The Communications Security Establishment confirmed February 2 that it had issued a threat report to Canadian organizations about LockBit, a prolific Russia-linked ransomware group known for targetting hospitals and transit systems. A CSE official said LockBit was responsible for 22 per cent of attributed ransomware incidents in Canada last year and will pose an “enduring threat” going forward. [node:read-more:link]
The growing role of artificial intelligence in cyber attacks is a “double-edged sword” and a “huge challenge” for NATO, according to David van Weel, Assistant Secretary-General for Emerging Security Challenges. ““Artificial intelligence allows defenders to scan networks more automatically, and fend off attacks rather than doing it manually,” the Dutch national says. “But the other way around, of course, it's the same game.” [node:read-more:link]
Amnesty International Canada disclosed December 4 that its English-language unit was targetted in October by hackers linked to China. “We are very aware that we may be the target of state-sponsored attempts to disrupt or surveil our work,” AIC Director General Ketty Nivyabandi said. “These will not intimidate us and the security and privacy of our activists, staff, donors, and stakeholders remain our utmost priority.” Secureworks, a U.S. cybersecurity company, said that forensics had established that “a threat group sponsored or tasked by the Chinese state” was the likely culprit. [node:read-more:link]
Veteran CSIS analyst Noura Hayek says there has been an “alarming escalation” of espionage and foreign interference in Canada in the past few years. “They’re real, they’re persistent, they’re increasing,” she told a Council on Governmental Ethics Laws conference December 4. “We see it every day . . . and these activities will be targeting all level of governments.” [node:read-more:link]
Facebook’s parent company, Meta, has been fined €265 million by Ireland’s Data Protection Commission after an inquiry showed that search and contact-importing tools for Messenger and Instagram was used to extract customer data between May 2018 and September 2019. A total of 533 million customers in 106 countries were affected. [node:read-more:link]
Authorities in Estonia say two persons arrested in Tallinn November 20 for allegedly running a US$575-million cryptocurrency mining operation which was no more than an “elaborate Ponzi scheme.” Sergei Potapenko and Ivan Turõgin, being held for extradition to the U.S., are said to have convinced their victims to invest in the service and then used shell companies to launder the cash and buy real estate and luxury cars. [node:read-more:link]
The British government’s interdepartmental COBRA crisis management team has spent post of its recent meetings addressing ransomware attacks on utilities and other critical services rather than other emergencies. The focus seems to be a response to warnings by the National Cyber Security Centre that ministerial responses to the growing number of attacks was inadequate. [node:read-more:link]
The accused leader of the JabberZeus cybercriminal group that stole tens of millions of dollars from U.S. and European companies reportedly has been arrested in Switzerland. Vyacheslav “Tank” Penchukov, a Ukrainian national on the FBI’s “Most Wanted” list for 10 years, is being extradited for trial in the U.S. [node:read-more:link]
The Australian Federal Police suspects “loosely-affiliated” Russian hackers of trying to extort a major medical insurance company. “We believe that those responsible for the breach are in Russia,” Commissioner Reece Kershaw said today. Meanwhile, the AFP was ““undertaking covert measures and working around the clock with our domestic agencies and our international networks.” [node:read-more:link]
Mikhail Vasiliev, a 33-year-old Russian-Canadian faces extradition to stand trial in the U.S. for alleged involvement in the LockBit ransomware group. In a criminal complaint unsealed in New Jersey, the Justice Department says that Vasiliev, in custody after his November 9 arrest in Ontario, was involved in “one of the most active and destructive ransomware variants in the world” in that it collected millions of dollars from victims. [node:read-more:link]
The International Committee of the Red Cross (ICRC) is proposing “digital” markers in the hope of protecting websites and systems used for medical and humanitarian purposes against cyberattacks. The “markers” could incorporate information that targetted institutions are protected by the Geneva Conventions. [node:read-more:link]
