17 mars 2020 | Local, C4ISR, Sécurité

Online 'phishing' attacks expected to target housebound staffers as COVID-19 spreads

It's a 'huge opportunity' for online crime, one expert warns

The number of "phishing" attacks meant to steal the online credentials of public servants and corporate sector employees now housebound due to the COVID-19 pandemic is on the rise, one cyber security expert warns.

Many attempts are being made against employees who are working from home on virtual private works (VPNs). Cyber experts are still gathering data to establish a direct correlation between the pandemic crisis and the increase in malicious activity.

But Rafal Rohozinski, chief executive officer of the SecDev Group of Companies, said this pandemic moment — when large numbers of employees are at home and receiving instructions from their workplaces on how to connect to internal networks — offers online thieves a "huge opportunity."

Federal government and corporate sector systems were never designed to support a sudden, mass migration of employees from offices to their homes, he said.

"The opening that creates for those who want to wreak havoc through ransomware and malware is really, really significant," said Rohozinski. "And I don't think we're anywhere near prepared for that.

"What we're seeing is an increase in phishing being used as a means to get people's credentials."

U.S. Health Department attacked

The U.S. Health and Human Services Department's website was hit by a cyber attack over several hours on Sunday, an incident which involved overloading its servers with millions of hits.

Officials said the system was not penetrated, although media reports in Washington described it as an attempt to undermine the U.S. government's response to the coronavirus pandemic — and may have been the work of a foreign actor.

Rohozinski said that while the facts are not all in yet, his "professional guess" is that there's a link between the attack and the COVID-19 crisis.

Last week, Canada's top military commander warned that he'd seen recent indications the country's adversaries intend to exploit the uncertainty, confusion and fear generated by the pandemic.

Gen. Jonathan Vance, chief of the defence staff, was not specific about the potential threats — but experts say they could range from hacking to online disinformation campaigns aimed at discrediting the federal government's response.

Rohozinski said he's concerned about the federal government's technical capacity to support thousands of employees on private networks.

"Everybody's moving on to VPNs. Everybody," he said. "This is an enormous pinpoint and an enormous vulnerability."

Federal Digital Government Minister Joyce Murray's office was asked for a response Monday, but was unable to provide an immediate comment.

Many of the country's leading information technology companies are part of the Canadian Cyber Threat Exchange (CCTE), a nonprofit centre where companies can swap information and insights. A CCTE spokeswoman said the corporate sector is better prepared to face the challenges posed by the mass movement of employees to home networks.

Still, there is reason for concern.

"Given we are moving people to work from home now, companies need to ensure that the work from home environment is as safe as the corporate environment and that people are trained to notice these phishing campaigns, just like they were in the corporate environment," said Mary Jane Couldridge, director of business development at the CCTE.

"It's a matter of keeping our community aware of what is impacting Canada daily so we know how to react to it and prevent it from spreading — and not chase rainbows."

Most corporations have plans they'll activate now to cover the wholesale movement of employees to networks outside of the office, she added.

https://www.cbc.ca/news/politics/online-hacking-phishing-covid-19-coronavirus-1.5499725

Sur le même sujet

  • Scheer government would seek to join U.S. missile defence program

    7 mai 2019 | Local, Terrestre, C4ISR, Sécurité, Autre défense

    Scheer government would seek to join U.S. missile defence program

    By Alex Boutilier Ottawa Bureau OTTAWA–Andrew Scheer will announce tomorrow that a Conservative government would start talks with the Trump administration to join the U.S. continental missile defence program, the Star has learned. While the U.S. has sought the Canadian government's co-operation on a missile defence program since the early 2000s, successive governments — both Liberal and Conservative — have refused. But two Conservative sources, who were not authorized to speak on the record, confirmed Scheer will announce a future Conservative government would pursue joining the program, which seeks to detect and stop missile attacks on the U.S. and its allies. Scheer will also announce his party's desire to “modernize” NORAD, the joint Canada-U.S. aerospace defence system, one source who had seen the text of the speech said. The announcements will come as part of a speech Scheer is scheduled to deliver Tuesday in Montreal on the Conservatives' approach to foreign policy. The speech is the first of five policy speeches Scheer is slated to deliver over the next five weeks. Scheer has released little in terms of policy since winning the Conservative leadership in May 2017, leading to Liberal attacks that he doesn't have a plan, especially on the environment. The speeches could blunt that criticism, while giving voters a better sense of what the Conservatives expect to include in their election platform. In addition to foreign affairs, Scheer will deliver speeches on immigration, the economy, “confederation” and the environment. The issue of a ballistic missile defence treaty with the United States has been a contentious one for successive Canadian governments. In 2005, then-prime minister Paul Martin refused to sign a deal with the Bush administration. Stephen Harper rebuffed similar requests from president Barack Obama, and the current Liberal government was similarly cold to the idea in its recently released defence policy overhaul. “The threats facing North America have evolved significantly in the air and maritime environment ... and weapons technology, including ballistic and cruise missiles, has advanced tremendously,” the defence framework reads. “Canada's policy with respect to participation in ballistic missile defence has not changed. However, we intend to engage the United States to look broadly at emerging threats and perils to North America, across all domains, as part of NORAD modernization.” Canadian governments' reluctance to join the American missile defence shield has typically had more to do with domestic politics than national security or defence considerations, according to Eugene Lang, an adjunct professor at the Queen's University school of policy studies. “There's been a lot of political sensitivity around it for Canadian governments that were feeling it was going to be controversial for Canada to sign on to this thing,” said Lang, who served as chief of staff to two Liberal defence ministers. “That was certainly the case in the early 2000s with the Bush administration because the Bush administration's foreign and military policy was deeply unpopular in Canada. Now the Trump administration's military and security policy, I don't know if it's deeply unpopular (but) we know Trump is deeply unpopular.” Whoever wins the upcoming federal election will likely face increased pressure from the Trump administration to participate — and help pay for — a planned update of the U.S. ballistic missile defence system. In January, President Donald Trump announced that the U.S. will deploy a new space-based system for detecting and stopping ballistic missiles aimed at the U.S. and its allies. But Trump also said that the allies who benefit from that defence system will be expected to pay their share of the cost. With files from the Canadian Press https://www.thestar.com/politics/federal/2019/05/06/scheer-government-would-seek-to-join-us-missile-defence-program.html

  • Des experts peu convaincus de la nécessité de remplacer les avions des Snowbirds

    22 mai 2020 | Local, Aérospatial

    Des experts peu convaincus de la nécessité de remplacer les avions des Snowbirds

    Publié le 20 mai 2020 Deux experts soutiennent que les avions utilisés par les Snowbirds sont des avions fiables, malgré leur 'ge. La question de la vétusté des CT-114 Tutor a resurgi après l'accident en Colombie-Britannique qui a coûté la vie à la capitaine Jenn Casey. Conçu par le fabricant aéronautique Canadair dans les années 1960, le CT-114 Tutor fait partie intégrante des Forces armées canadiennes (FAC) depuis 1964. Utilisé comme avion d'entraînement, jusque dans les années 2000, le modèle est toujours utilisé par les Snowbirds, le 431e escadron de démonstration aérienne des FAC. La base d'attache des Snowbirds est à Moose Jaw, en Saskatchewan. Aux yeux du président honoraire de l'Association de l'Aviation royale canadienne, André Deschamps, le CT-114 Tutor est un avion très robuste, bien b'ti, solide et très simple. Il est parfait pour les pilotes, car il n'y a pas trop de matériel excessif à s'occuper. Ancien chef d'état-major de l'Aviation royale canadienne, André Deschamps pense que l'écrasement du CT-114 des capitaines Kasey et MacDougall est dû à une perte de puissance soudaine du moteur de l'appareil. clairement pas assez pour continuer de voler, explique le lieutenant-général Deschamps. Selon lui, ce défaut de propulsion de l'aéronef peut être dû à une multitude de raisons. Outre une cause naturelle, comme un oiseau happé par la turbine de l'avion, ce type d'accident peut aussi être causé par un contaminant dans l'essence [...] Ça peut être atmosphérique, ou ça peut être un bris mécanique à l'intérieur du moteur, note André Deschamps. Un remplacement complexe En attendant les résultats d'une enquête sur les causes exactes de l'accident tragique de Kamloops, et malgré l''ge de ce modèle d'aéronef, André Deschamps affirme qu'il est vraiment dur de remplacer cet avion, à cause de ces qualités d'opération. Un point de vue partagé par Mehran Ebrahimi, directeur de l'Observatoire de l'aéronautique et de l'aviation civile de l'UQAM. Même si ces avions ne sont pas éternels (...) il ne faut pas considérer que, parce que ces avions-là sont vieux, ils sont automatiquement dangereux, précise-t-il. Le premier ministre Justin Trudeau s'est d'ailleurs entretenu à plusieurs reprises, en fin de semaine, avec le ministre de la Défense au sujet de la sécurité et de l''ge des avions des Snowbirds, selon les informations de La Presse canadienne. Une question aussi d'ordre financier De plus, la question financière entre rapidement dans les considérations gouvernementales à ce sujet. Dans un document datant de 2015, la Défense nationale du Canada estimait le coût de remplacement des Tutor entre 500 millions et 1,5 milliard de dollars. C'est beaucoup d'argent. Dans le contexte actuel, avec la trésorerie des gouvernements, ajoutez à cela la COVID-19, comment ça va se passer, questionne M. Ebrahimi. Selon André Deschamps, le remplacement des CT-114 entre dans une politique plus large de changement des avions d'entraînement pour les pilotes de chasse canadiens. Le programme de remplacement existe. (...) Il faut allier ça avec d'autres ressources. On ne veut pas acheter une flotte unique, qui existe seulement pour les Snowbirds, précise M. Deschamps. Différentes options sont là, prêtes à être évaluées, selon l'ancien chef d'état-major. Il va y avoir des décisions éventuellement, dans les années prochaines. Mais pour le moment, les Tutor sont encore sains. Une réflexion qui fait écho à un autre document de la Défense nationale du Canada, qui fait partie du Plan national de défense 2018, qui annonce la prolongation de service des CT-114 Tutor : la fin de vie des aéronefs, initialement prévue pour 2020, y est repoussée à 2030. Le CT-114 Tutor s'est révélé une plateforme très résistante, facile à entretenir et à mettre à niveau, et dont la fonctionnalité peut être maintenue à long terme, reconnaît la Défense nationale questionnée au sujet de ce plan de remplacement des CT-1. Dans son courriel transmis à Radio-Canada, le gouvernement fédéral conclut : Les Forces armées canadiennes prévoient conserver les Snowbirds comme marque distinctive de l'Aviation royale canadienne https://ici.radio-canada.ca/nouvelle/1704413/snowbirds-ecrasement-kamloops-casey-tutor-defense

  • A cyber war has started and Canada isn't ready to fight it, says report

    9 avril 2019 | Local, C4ISR, Sécurité

    A cyber war has started and Canada isn't ready to fight it, says report

    Murray Brewster · CBC News Analysis says Canada lagging far behind its allies in responding to cyber warfare threat A new report questions how well prepared the Canadian military and the federal government are to fight a cyber war that, for all intents and purposes, has started already. The Canadian Association of Defence and Security Industries (CADSI), which represents major weapons and high-tech manufacturers, warns in a new report that, despite recent investments and policy papers, the country is lagging far behind its allies in preparing to fight a new kind of war. "The cyber threat to the Canadian Armed Forces (CAF) permeates domestically through vulnerabilities in critical infrastructure, combat systems and equipment, and extends to where the military is deployed abroad," said the association's report, released Thursday. "Russia have proven their ability to launch attacks that cripple critical systems in seconds or quietly collect intelligence for years. The CAF has only recently received approval to engage in active and offensive operations at scale (though specialized activity has been present for years)." 'A genuine sense of urgency' To compile the report, researchers at CADSI conducted 70 interviews with government and military officials, as well as defence industry leaders. Christyn Cianfarani, the association's president, said the feedback was frank. "There's a genuine sense of urgency for Canada to advance in this space," she said. Even if the public doesn't feel the country is vulnerable, she added, "we could stand to be vulnerable by not moving forward very quickly." The report comes just weeks after a House of Commons committee heard that online attacks on Canada's financial system and other key infrastructure could become far more destructive as more militaries around the globe get involved in cyber operations. That testimony came from security expert and former CIA analyst Christopher Porter, an executive at the U.S. cyber security company Fireeye, Inc. He said the west's imposition of sanctions on "some countries" has in the past been met with denial-of-service attacks on financial services websites, but those attacks have only been disruptive. "In the future, they may respond with destructive attacks," he testified on Feb. 6. Cianfarani echoed that warning. "I think, if you look, other nations are attacking Canada," she said. "Other nations aren't just attacking Canada in a short-game play. They are attacking Canada and trying to influence things in our country in a long-game play." The defence association report also took aim at the federal government's ponderous procurement system, noting that adversaries and allies have "demonstrated their ability to deploy new cyber capabilities in months or weeks, while the CAF remains burdened by a years-long and sometimes decades-long procurement cycle." Time to 'blow up' the procurement system? Cianfarani said the procurement system has to "be blown up" and "torn apart" when it comes to acquiring cyber equipment and services. It should take six months, not 10 years, to get those kinds of products into the hands of cyber operators, she added. Defence Minister Harjit Sajjan's office declined comment and referred CBC News to the Communications Security Establishment, which defends the federal government's networks. While CSE spokesman Evan Koronewski did not address the specific criticisms in the industry association report, he pointed to the creation of the Canadian Centre for Cyber Security, which brings "operational security experts from across the Government of Canada under one roof" — something that is expected to deliver a more unified approach. "Although we cannot speak specifically to the Cyber Centre's capabilities, we are confident our men and women have the tools they need to deliver on their mission," Koronewski said in an email. The study found "government and industry lack the mutual trust required to effectively collaborate in the cyber defence of Canada" and proposed a series of remedies. "This distrust has been sown over time through a history of unproductive engagements, limited communications and inadequate mutual understanding of each other's capabilities," said the analysis. The Council of Canadian Innovators has delivered a similar message to the federal government on many occasions over the last two years, but Cianfarani said she believes that the upcoming federal election and the possibility of interference in it — foreign or otherwise — will focus the attention of both the public and decision-makers. "I think around an election is probably when we have the loudest voice, and it's when we're probably, as a country, the most vulnerable," she said. The report pointed to other countries, such as the United States, where cyber defence strategies are primarily driven by industry, supported by the academic community and funded by the government without bureaucratic limitations. "A similar approach for Canada could mobilize a strong, sovereign line of defence against rapidly evolving cyber threats," the report said. https://www.cbc.ca/news/politics/a-cyber-war-has-started-and-canada-isn-t-ready-to-fight-it-says-report-1.5045950

Toutes les nouvelles