Back to news

March 17, 2020 | Local, C4ISR, Security

Online 'phishing' attacks expected to target housebound staffers as COVID-19 spreads

It's a 'huge opportunity' for online crime, one expert warns

The number of "phishing" attacks meant to steal the online credentials of public servants and corporate sector employees now housebound due to the COVID-19 pandemic is on the rise, one cyber security expert warns.

Many attempts are being made against employees who are working from home on virtual private works (VPNs). Cyber experts are still gathering data to establish a direct correlation between the pandemic crisis and the increase in malicious activity.

But Rafal Rohozinski, chief executive officer of the SecDev Group of Companies, said this pandemic moment — when large numbers of employees are at home and receiving instructions from their workplaces on how to connect to internal networks — offers online thieves a "huge opportunity."

Federal government and corporate sector systems were never designed to support a sudden, mass migration of employees from offices to their homes, he said.

"The opening that creates for those who want to wreak havoc through ransomware and malware is really, really significant," said Rohozinski. "And I don't think we're anywhere near prepared for that.

"What we're seeing is an increase in phishing being used as a means to get people's credentials."

U.S. Health Department attacked

The U.S. Health and Human Services Department's website was hit by a cyber attack over several hours on Sunday, an incident which involved overloading its servers with millions of hits.

Officials said the system was not penetrated, although media reports in Washington described it as an attempt to undermine the U.S. government's response to the coronavirus pandemic — and may have been the work of a foreign actor.

Rohozinski said that while the facts are not all in yet, his "professional guess" is that there's a link between the attack and the COVID-19 crisis.

Last week, Canada's top military commander warned that he'd seen recent indications the country's adversaries intend to exploit the uncertainty, confusion and fear generated by the pandemic.

Gen. Jonathan Vance, chief of the defence staff, was not specific about the potential threats — but experts say they could range from hacking to online disinformation campaigns aimed at discrediting the federal government's response.

Rohozinski said he's concerned about the federal government's technical capacity to support thousands of employees on private networks.

"Everybody's moving on to VPNs. Everybody," he said. "This is an enormous pinpoint and an enormous vulnerability."

Federal Digital Government Minister Joyce Murray's office was asked for a response Monday, but was unable to provide an immediate comment.

Many of the country's leading information technology companies are part of the Canadian Cyber Threat Exchange (CCTE), a nonprofit centre where companies can swap information and insights. A CCTE spokeswoman said the corporate sector is better prepared to face the challenges posed by the mass movement of employees to home networks.

Still, there is reason for concern.

"Given we are moving people to work from home now, companies need to ensure that the work from home environment is as safe as the corporate environment and that people are trained to notice these phishing campaigns, just like they were in the corporate environment," said Mary Jane Couldridge, director of business development at the CCTE.

"It's a matter of keeping our community aware of what is impacting Canada daily so we know how to react to it and prevent it from spreading — and not chase rainbows."

Most corporations have plans they'll activate now to cover the wholesale movement of employees to networks outside of the office, she added.

https://www.cbc.ca/news/politics/online-hacking-phishing-covid-19-coronavirus-1.5499725

On the same subject

  • Ottawa launches lonfyig-awaited competition for purchase of armed military drones

    February 14, 2022 | Local, Aerospace

    Ottawa launches lonfyig-awaited competition for purchase of armed military drones

    The federal government has officially launched a competition for the purchase of armed drones after nearly two decades of delays and discussion around whether Canada should buy the controversial weapons. A formal request for proposals was released Friday to the two companies shortlisted to bid on the $5-billion contract, which could see the Canadian Armed Forces launch a fleet of unmanned aerial vehicles in the next few years. A formal contract is not expected for another year or two, while the first drone isn't scheduled for delivery until at least 2025, with the last to arrive in the early 2030s. The request does not say how many vehicles the government plans to buy, and instead leaves it up to the two companies to say how their bids will satisfy the military's needs while benefiting the Canadian economy. It does reveal the aircraft will be based at 14 Wing Greenwood in Nova Scotia and 19 Wing Comox in British Columbia, while the main control centre will be in the Ottawa area. Yellowknife is also identified as a forward operating location. The drone force will include around 240 air force members, with 55 in Greenwood, 25 in Comox and 160 in Ottawa. While delivery is still years away, the fact the military has reached even this point represents a major step forward after almost 20 years of work to identify and buy a fleet of UAVs to conduct surveillance over Canadian territory and support missions abroad. Aside from purchasing a small number of temporary, unarmed drones for the war in Afghanistan – all of which have since been retired – the military has never been able to make much progress on a permanent fleet. That was despite drones taking on an increasingly important role in militaries around the world. A report in the Royal Canadian Air Force Journal in late 2015 said 76 foreign militaries were using drones and another 50 were developing them. One major reason: no federal government had authorized adding drones as a permanent fixture within the military in the same vein as fighter-jet or helicopter squadrons until the Liberal government included them in its 2017 defence policy. The government and military say the unmanned aircraft will be used for surveillance and intelligence gathering as well as delivering pinpoint strikes from the air on enemy forces in places where the use of force has been approved. Some have previously criticized the decision to buy armed drones given concerns about their potential use in Canada and numerous reports of air strikes by other nations, particularly the United States and Russia, causing unintended damage and civilian casualties. The government has also said little about the scenarios in which force might be used, including whether drones could be deployed for assassinations. Officials have suggested they would be used in the same way as conventional weapons such as fighter jets and artillery. “While the (drones) will be a medium-altitude long-endurance system with a precision strike capability, it will only be armed when necessary for the assigned task,” the Defence Department said Friday. “At all times, employment of precision strike capability will adhere to the Law of Armed Conflict, as well as any other applicable domestic or international laws. Use of force will be applied following rules of engagement applicable to the CAF.”

  • Why do some planes in Canada lack potentially life-saving emergency beacons?

    November 8, 2018 | Local, Aerospace

    Why do some planes in Canada lack potentially life-saving emergency beacons?

    David Burke · CBC News More than half of the 27,000 civil aircraft in Canada aren't equipped with a modern device that could save lives by allowing search and rescue crews to more easily find potential crash survivors, according to the Transportation Safety Board of Canada. Modern emergency locator transmitters, or ELTs, emit radio distress calls that can be picked up by satellites, but many small, private and recreational aircraft use older technology that's of little use to rescuers if a plane goes down, because the signal is unlikely to be picked up. "There's no way to tell where it's coming from, no way to tell the identity of the source," said Steve Lett, head of the Cospas-Sarsat Secretariat, the international organization that runs the satellite-based search and rescue system. "It relies on the luck of having another aircraft possibly flying nearby and that aircraft having its receiver tuned to 121.5 MHz, and also that aircraft not assuming that it's some sort of a test." Search and rescue satellites no longer pick up the 121.5 MHz distress signal, which isn't a problem for large commercial airplanes most Canadians use to travel because they use up-to-date ELTs. Those systems are designed to go off when a plane crashes, sending a signal to orbiting satellites that is relayed to a mission control centre. Local search and rescue crews are then advised where they can find the crash site. "Private aircraft, general aviation aircraft, they are not as closely supervised. They tend to crash much more frequently and yet governments ... the Canadian and U.S. governments included, continue to allow them to fly with only a 121.5 MHz ELT," said Lett, whose organization stopped monitoring the 121.5 MHz frequency in 2009. The older distress signals weren't accurate, so Cospas-Sarsat began monitoring ELTs that emit a 406 MHz radio signal instead. Those signals are digital and capable of providing more accurate location information and even the identity of the aircraft. But in Canada, it is not mandatory for planes to have a 406 MHz ELT. The Transportation Safety Board of Canada determined in 2016 there were approximately 27,000 aircraft registered in Canada that required an ELT, but only 10,086 equipped with a 406 MHz ELT. Full article: https://www.cbc.ca/news/canada/nova-scotia/emergency-locator-transmitters-search-and-rescue-aircraft-planes-1.4895600

  • After agreeing to $2B in deals with U.S.-based defence companies, Liberals ask DND for list of Canadian firms to quickly buy from

    December 3, 2020 | Local, Aerospace, Naval, Land, C4ISR, Security

    After agreeing to $2B in deals with U.S.-based defence companies, Liberals ask DND for list of Canadian firms to quickly buy from

    David Pugliese • Ottawa Citizen Dec 03, 2020 Companies must be based in Canada and the work has to be completed relatively quickly, creating or maintaining domestic jobs. After committing to spend more than $2 billion with American companies, the Liberal government wants to give a major boost to homegrown defence firms by moving ahead on projects that can purchase equipment for the Canadian military quickly from domestic companies to either create or shore up jobs. Department of National Defence officials began looking in late April at options to provide support to the defence industry as the new coronavirus pandemic rocked the economy. DND and the government hoped the fast-tracked purchases would help Canada's economic recovery. But so far, the four major purchases over the last several months for the Canadian military saw the Liberal government make major commitments with U.S.-based companies for work that will be done almost entirely in America and create or support hundreds of U.S. jobs. That includes the acquisition of new surveillance aircraft for Canadian special forces, the purchase of new systems and missiles for the air force's CF-18s, missiles for the navy and parts and equipment for C-17 transport planes. The particular equipment ordered isn't built in Canada. In some cases, the U.S. firms receiving the work are exempt from the government's requirement to match the value of the contracts with the reciprocal purchasing of services or supplies from Canadian companies. Now, the government has ordered DND officials to draw up lists of equipment that can be bought from Canadian firms. Companies must be based in Canada and the work has to be completed relatively quickly, creating or maintaining domestic jobs. DND spokesman Dan Le Bouthillier confirmed options are being examined to help minimize the impact of COVID-19 on the defence industry. “We are looking at ongoing procurement projects to determine what we may be able to prioritize in order to ensure our defence industry partners are supported,” he said. “This is ongoing at this time, though no decisions have been made at this point.” But Tamara Lorincz, a peace activist and PhD candidate in Global Governance at the Balsillie School for International Affairs, says many more jobs could be created in Canada if the money was directed into non-defence sectors of the economy. She pointed to the 2009 U.S. study by University of Massachusetts, which examined the impact of spending $1 billion on both military and non-military areas. The non-military areas included clean energy, health care, and education, as well as for tax cuts which produce increased levels of personal consumption. The study concluded substantially more jobs were created by non-military sectors. Lorincz noted that there were no comparable independent studies which have looked at the Canadian situation. Lorincz and various peace groups are also questioning the Liberal government's plans to spend $19 billion on new fighter jets in the coming years. The money should instead go towards programs like national pharmacare or child care, she added. Lorincz noted it costs $40,000 an hour to operate a F-35, one of the fighter jets being considered by the Liberals. That amount is close to the yearly salary of a long-term care facility employee, she added. Christyn Cianfarani, president of the Canadian Association of Defence and Security Industries, said the country's defence industry can play an important role in the federal government's COVID-19 economic recovery plan. The association has recommended to government that it accelerate military equipment project approvals, favour domestic firms as much as possible for future work, as well as focus on Canadian-based cyber firms for associated purchases as the government moves its employees to more remote work. Construction projects on bases could also provide local contractors with work, she added. Canada's defence industry actually fared better than other economic sectors during the pandemic, Cianfarani noted. There were no significant layoffs and most firms have been able to continue operations and production. In addition, some companies switched to producing medical equipment or protective gear for use by hospital staff during the pandemic. The Liberal government announced Monday it wants to spend up to $100 billion between 2021 and 2024 to help the economy recover from COVID-19. https://ottawacitizen.com/news/national/defence-watch/after-agreeing-to-2b-in-deals-with-u-s-based-defence-companies-liberals-ask-dnd-for-list-of-canadian-firms-to-quickly-buy-from

All news