There has been a “notable” increase in cyber threat activity by Russia-aligned actors, the Communications Security Establishment reported April 13. “These are attention-grabbing, but do not mean the website has been hacked or that any information has been compromised,” said Sami Khoury, head of the Canadian Centre for Cyber Security within the CSE. [node:read-more:link]
The Italian National Authority for Personal Data Protection today ordered an immediate but temporary ban on access to the increasingly popular ChatGPT application. It said that the chatbot “suffered a data breach on March 20 concerning users’ conversations and payment information of subscribers.” The agency criticized the application’s owner, San Francisco-based OpenAI, for not giving users information on how their data is collected. The European police agency warned earlier this week that criminals were ready to take advantage of chatbots to commit fraud and other cybercrimes. [node:read-more:link]
Former Governor-General David Johnston, tasked with looking into foreign interference in Canadian politics, has been promised “complete access” by the Prime Minister. While he has two months to decide whether a public inquiry is warranted, Johnston’s mandate letter gives him more time to dig into the “extent and impact of foreign interference”, to determine “what the government did to defend Canada”, and how it could be improved. [node:read-more:link]
An anonymous veteran federal public servant was identified today as the source for a series of internationally embarrassing disclosures about foreign interference in Canadian affairs and about seeming government indifference or reluctance to act over the years. Acknowledging the prospect of eventual prosecution if identified, the whistleblower explains the reasons for sharing concerns about an evolving threat. [node:read-more:link]
After the federal government, taking its cue from the European Union and the U.S. by banning the Chinese-owned TikTok social media app from on all government mobile devices. The roster of governments concerned about data protection and security vulnerability continues to grow with Nova Scotia the latest addition. [node:read-more:link]
Taking his cue from the federal government, Quebec Cybersecurity & Digital Technology Minister Éric Caire today banned the installation and use of TikTok on government mobile devices. He said it is a “preventative measure” rather than a response to any indication the Chinese-owned social media app had been used to spy on government employees. [node:read-more:link]
Effective February 28, all federal government mobile device will be banned from using Tik-Tok. Confirmed the decision today, Treasury Board President Mona Fortier said there is an “unacceptable level of risk to privacy and security” and the Chinese-owned social media app’s data collection leaves users vulnerable to cyberattacks. [node:read-more:link]
Tighter controls on supply chains and enforcement of export controls are the tools whereby a new U.S. interagency “strike force” hopes to safeguard technologies from foreign adversaries. “We will use intelligence and data analytics to target illicit actors, we will enhance our public and private partnerships,” says Deputy Attorney General Lisa Monaco. [node:read-more:link]
Leading up to the invasion of Ukraine a year ago, Russian hackers began laying the foundation for an unprecedented cyber onslaught not just against Kyiv but also its NATO allies. That digital campaign went into overdrive alongside the kinetic attack but the Google-owned Mandiant cybersecurity firm reported February 16 that Moscow seems unable to keep up the pace for now. [node:read-more:link]
Moldova’s prime minister is accusing Russia of sponsoring protests and conducting cyberattacks in an attempt to destabilize the former Soviet republic abutting southwestern Ukraine. “We are seeing . . . pro-Russian forces trying to destabilise the country politically through paid protests,” Natalia Gavrilița said February 7. “We've had the biggest cyberattacks in 2022 in the history of our country, and we are seeing bomb threats.” [node:read-more:link]
The Communications Security Establishment confirmed February 2 that it had issued a threat report to Canadian organizations about LockBit, a prolific Russia-linked ransomware group known for targetting hospitals and transit systems. A CSE official said LockBit was responsible for 22 per cent of attributed ransomware incidents in Canada last year and will pose an “enduring threat” going forward. [node:read-more:link]
U.S. National Security Director Avril Haines says that ongoing investigations into the handling of sensitive documents by former U.S. presidents and vice- presidents highlight problems with “over-classification” protocols. “We must keep certain information secret or we will not be able to do our job in the intelligence community,” she said, suggesting it is overdone. “It does have to meet a national security standard.” [node:read-more:link]
Reacting to reports that Huawei’s access to U.S. chips and other computer essentials could be further constrained, China accused it today of pursuing “technology hegemony.” A Commerce Department “entity” list has limited the global telecom giant’s access since 2019 and the Chinese foreign ministry said the latest development would be “over-stretching the concept of national security and abusing state power.” [node:read-more:link]
The head of the Canadian Centre for Cyber Security says Canadians should be wary of apps that could leave their data in the “wrong hands.” Sami Khoury’s warning comes as the globally popular Chinese-owned social media app TikTok faces claims that it is data harvesting. “You have to ask yourself the question: do they need to access that information?” he says. “In some cases, it lands in places that don’t live by the same principles of rule of law (and) respect for human rights.” [node:read-more:link]
Public Safety Minister Marco Mendicino says he is prepared to work with parliamentarians to find ways to “improve” the federal government’s cybersecurity bill, C-26, after civil society groups and opposition MPs expressed concern about transparency and accountability. Mendicino says the draft legislation introduced seven months ago is designed to improve protection against online threats to national security. [node:read-more:link]
