Cybersecurity in Canada 2019: It was an ‘awesome’ year for attackers

By IT World Canada

No country is immune from cyber attacks. But 2019 saw Canadian organizations victimized like never before.

Arguably the worst breach — not only in 2019 but one of the worst in Canadian history — was the theft of personal information on 15 million people in Ontario and B.C. held by medical test laboratory LifeLabs. This data included patient names, addresses, email addresses, login passwords, dates of birth, health card numbers and in some cases lab test results.

The second worst breach was the theft by a suspected employee of information on all 4.2 personal banking customers in Quebec and Ontario of the Desjardins credit union.

Copied were names, addresses, birthdates, social insurance numbers, email addresses and information about transaction habits. Not stolen were passwords, identification questions or secret codes.

While more people were victims of the 2015 hack of Toronto-based dating site Ashley Madison, it isn’t a financial or health institution and subscribers didn’t have to give real names.

Getting a handle on how many data breaches there are in this country is getting better now that most organizations have to report them to the Office of the Federal Privacy Commissioner (OPC).

In November the OPC estimated the personal information of 28 million Canadians had been exposed in the first 12 months of mandatory reporting — and that didn’t include the LifeLabs breach.

Small wonder Ed Dubrovsky, managing director for incident response at Toronto-based Cytelligence said “unfortunately it’s been an amazing year” — for attackers.

Among the publicly-reported incidents

  • Attacks through suppliers were responsible for many incidents. Freedom Mobile blamed a third party for hosting an unprotected database with personal and credit card information on thousands of the wireless carrier’s subscribers on the Internet. TransUnion Canada said attackers compromised a Winnipeg leasing company to get access to personal information on some 37,000 Canadians held by the credit reporting agency; Verizon’s annual Data Breach Investigations Report, on thousands of incidents around the world, noted that 21 per cent of data breaches are caused by errors, either by employees or third parties;
  • Questions were raised about the dealings of some organizations with suppliers. In December the city of Hamilton, Ont., notified residents of a potential disclosure of their personal information through Alectra Utilities, which provides water billing service for the municipality. According to a news report an India-based subcontractor to Alectra had access to customer data it held, and there may have been other subcontractors whose staff could also see personal data. The incident raised questions of consent;
  • Nova Scotia’s privacy commissioner blamed the government for not doing enough security testing before making a new provincial Freedom of Information website live, allowing two people to hack the site in 2018 and make off with 7,000 documents including personal information of 740 people;
  • Think small businesses won’t be attacked? Consider our report on a Halifax vegan restaurant whose Facebook page was defaced.

Among other newsworthy events in 2019

  • The U.S. increased pressure on Canada not to allow Canadian wireless carriers to buy wireless network equipment from Chinese manufacturer Huawei for security reasons. A decision will likely be tied to the outcome of a Vancouver extradition hearing for Huawei’s CFO and the detention by China of two Canadians;
  • A Bank of Canada executive was among many experts urging organizations to collaborate more on cyber best practices and threat information. In a related move the Canadian Cyber Threat Exchange (CCTX) lowered fees for public sector agencies;
  • To help improve the security maturity of small and medium-sized businesses the federal government launched a cyber certification program. The hope is it will also increase public confidence in Canadian firms selling products online.

Dubrovsky sees some complacency in the attitude of Canadians and organizations. “We’re just accepting this is a risk,” as a result of the almost daily stories of breaches. “Unfortunately I don’t think there’s enough being done, still” by IT departments. “We don’t understand the threat actors are also ramping up both the damage they’re causing and the monetary demands.”

Source: IT World Canada

Canadian insurance firm targeted in ransomware attack

Adam Ward | CTVNews.ca

TORONTO — Andrew Agencies Ltd., an insurance firm that operates in the Prairies, was recently targeted in a ransomware attack but says no personal information was taken.

Dave Schioler, the executive vice president and general counsel for Andrew Agencies, confirmed the security breach in an email statement to CTVNews.ca on Wednesday.

“We have uncovered no evidence of sensitive personal information or data being stolen or otherwise compromised,” he said in the statement. “We can advise that the incident has had minimal impact on our operations.”

Andrew Agencies, a full-service insurance and financial services firm, operates 18 locations in Alberta, Manitoba and Saskatchewan.

A hacker group known as Maze has taken credit for the attack online. The group was reportedly behind a ransomware attack that recently targeted the City of Pensacola, Fla.

Schioler said that Andrew Agencies did not pay a “ransom as part of the recovery effort.”

“We have taken this matter very seriously and have expended considerable resources in the investigation and remediation of this incident, including the use of third parties with expertise in similar incidents,” the statement reads.

ARE THESE TYPES OF ATTACKS ON THE RISE?

News of the security breach at Andrew Agencies comes one day after LifeLabs, one of Canada’s largest medical laboratories, announced it was hit by hackers.

In LifeLabs’ case, an estimated 15 million customers are believed to have been affected, with passwords, birthdays, health card numbers and even lab results potentially being accessed.

Brett Callow, a threat analyst with anti-virus software company Emsisoft, says while many of these types of attacks go unreported, it’s very likely there has been an increase.

“Most ransomware attacks are not specifically targeted and, as there’s been an increase in attacks on the public sector, it would seem inevitable that there has been an increase in attacks on smaller businesses too,” he said in an email statement to CTVNews.ca.

According to a report released this week by Emsisoft, at least 948 government agencies, educational institutes, and health-care providers were impacted by ransomware attacks in the U.S. in 2019. Emsisoft didn’t have information on the number of these types of attacks in Canada.

Callow says that in about 90 per cent of these cases, hackers are perpetrating these attacks through “email attachments or improperly secured remote access solutions.”

So how can companies and municipalities protect themselves from these types of attacks? Well, Callow says a good starting point is email filtering and training staff how to spot potentially hazardous emails.

“The fact that ransomware groups are now stealing data as well as encrypting it makes prevention and detection more critical than ever,” Callow says.

SHOULD COMPANIES PAY A HACKER’S RANSOM?

In short, no, says Callow, because there are a lot of unknowns.

“There is no guarantee that the decryption tool supplied by the cybercriminals will work or that they’ll even supply one.”

Callow added that every time a company pays for their data back, they incentivize these types of cyberattacks. However, he admits that some companies have no choice and have to take the risk because it may be the only option.

“For as long as companies pay ransoms, ransomware attacks will continue. The only way to stop the attacks is to make them unprofitable.”

Source: CTV News
