Security News

Public Safety Minister Vic Toews’s right as a parliamentarian to do his job free from intimidation and threats was violated by a series of online videos, a Commons committee has concluded, but it won’t be Parliament that seeks the identity of the minister’s antagonist.

Instead, the RCMP will continue to track the person or people behind the videos, posted by the online hacker community Anonymous in the wake of the government’s tabling of its controversial online surveillance bill.

But the committee included a warning to parliamentarians in its report released Wednesday: don’t think this won’t happen again.

“The threats made against (Toews) were unprecedented in the medium that was used,” the committee wrote in its report.

Anonymous -- the hacker group affiliated with a string of cyber attacks against corporations and law enforcement agencies -- has apparently added the Ontario Association of Chiefs of Police to its hit list.

 

The association's website was hacked Friday afternoon by activists affiliated with the loose-knit group, association spokesperson Joe Couto said.

 

The identity of those responsible for the attack has not been confirmed. However, Anonymous activists threatened to target federal Public Safety Minister Vic Toews over the Harper government's proposed online surveillance bill. The police chiefs association supports the contentious legislation.

 

The hackers posted usernames, passwords and email addresses they say belong to senior members of the police chiefs association, information that was quickly distributed over Twitter.

 

"Welcome to a database leak," reads a message about the data breach. It then appears to allude to privacy issues at stake in Ottawa's proposed surveillance legislation. "Snoop on to them as they Snoop on to you," it says.

 

The police chief association dismantled its website, which now includes one terse message: "Under maintenance."

 

Couto said the cyber attack won't deter the association's support for enhanced federal surveillance legislation.

 

"The police chiefs have been very clear on this," he told CTV News.

 

Couto said it's ironic the association's website was hacked just as it was preparing to launch a cybercrime prevention campaign on Monday.

 

The Conservative government says its surveillance bill is aimed at protecting the public -- mainly children -- from online predators. Among other things, it would allow police to demand – without a warrant -- that internet service providers hand over basic customer information. Many police organizations support the bill.

 

But privacy advocates aren't as enamoured with the proposed law. They say the bill gives police too many surveillance powers, allowing them to track web users' online movements without their consent.

 

The legislation prompted a wave of cyber attacks against Toews. Last week, his divorce records, which are public, were published on Twitter.

 

Couto said the cyber attack has bolstered the organization's support for the government's surveillance bill.

 

"What this does is demonstrate quite clearly to Canadians the type of cyber crimes perpetuated every day," Couto said Saturday.

 

He said police are currently bound by laws drafted in the 1970s, "when the rotary phone was cutting-edge technology."

 

Ontario Provincial Police are investigating the breach to determine how much information was accessed, Couto said.

 

Anonymous, a collection of activists and Internet mischief-makers, has increasingly focused its energy on military, police and security companies in recent months.

 

Among its most spectacular coups: The interception of a conference call between the FBI and London police cyber-investigators working to track them down.

 

At least one element within the group has promised weekly attacks on government-linked targets.

 

In West Virginia earlier this month, Anonymous hackers, in a move similar to the Ontario police chief website attack, obtained personal information for more than 150 police officers from an old website of the West Virginia Chiefs of Police Association and posted the data online.

Read more: http://www.ctv.ca/CTVNews/TopStories/20120225/ontario-chiefs-of-police-website-hacked-120225/#ixzz1uOeyZ9s1

A report from the B.C. privacy commissioner says B.C. Hydro is not meeting the letter of the law as it replaces wired electrical meters with 1.8 milliion wireless ones.

Elizabeth Denham states that the Crown corporation is taking privacy and security seriously as it implements smart meters and a smart grid, but there is room for improvement.

Hydro is required by the Freedom of Information and Protection of Privacy Act to tell its customers the purpose for collecting personal information for the smart meters project. They are also supposed to cite their legal authority to collect such information and provide a corporate contact to answer questions.

“Hydro is not currently meeting this requirement, and we’ve made some recommendations to help them improve their customer notification,” Denham said.

Conversion to smart meters is underway in Kamloops and the project is expected to continue into 2013. Public concerns have been expressed around the cost, security and health implications of the projected, expected to cost close to $1 billion provincewide.

Analysis of household electrical consumption could reveal more about people’s private lives than they want revealed, so Denham investigated after receiving more than 600 complaints and expressions of concern.

Brian Thiesen, who heads a local chapter of Stop Smart Meters B.C., said the Liberal government is in the process of amending privacy legislation, so the report doesn’t surprise him. Bill 3 was introduced this fall without public consultation.

“Within that context, it’s quite easy to understand how they would say things are favourable when the Liberal government is trying to change the privacy laws.”

In every instance he’s seen where an independent security firm has tested wireless meters, problems have arisen, Thiesen said.

“One went to five separate utilities and he hacked them all. Encryption and firewall are fancy terms and they might confuse people.”

Not even top law-enforcement and military institutions have been able to prevent hacking, he added.

Denham’s report focuses on the here and now, but what worries Thiesen and others is what’s in store. He’s convinced there is a hidden agenda to the conversion — variable rates or time-of-use billing for electricity — and that the security/privacy risk will increase as people convert to smart appliances that can be programmed to operate during lower-cost periods of the day.

Hydro and the provincial government have consistently denied that it plans to introduce time-of-use billing, although there is nothing to stop a future government from introducing it.

Thiesen also argues that the province’s electrical consumption is not rising and that the real reason for converting to smart meters is to facilitate the export of power to California and China.

“This is part of the whole equation.”

Denham said her office will continue to monitor the project.

Source: http://www.kamloopsnews.ca/article/20111219/KAMLOOPS0101/111219787/-1/KAMLOOPS/

On Friday afternoon, some members of the Burlington Bulldogs novice team already had their bags packed for a trip to the World Juniors Hockey Championships in Edmonton later this month.

But on Friday night the online contest, in which the Burlington squad had amassed more than 55,000 votes, was closed due to vote tampering.

“This decision was made with heavy hearts,” read a statement posted by the Tim-Br Mart video challenge team on the contest’s website. The statement said the contest was closed “due to persistent illegal and malicious hacking and tampering.”

The online contest asked teams to post videos showcasing their team sprit and a love for hockey. The Burlington Bulldogs had placed third in the same competition the year before, winning $2,500 at Source for Sports for the team of then seven-year-olds.

This year, they were leading going into the final two days of voting. Ten-thousand votes behind, sitting in second place, was the Ancaster Avalanche pewee (11-year-olds) team. They were poised to with $5,000 from Source for Sports after two weeks of canvassing votes.

“The contest has been the target of significant and sustained attack by one or more hackers, which has continued to impact the integrity of the voting totals,” read the online statement. “We are working closely with both the RCMP and an independent IT forensics security firm and will co-operate in every way with their investigation, as they work to identify and pursue appropriate action against the person or persons responsible for this attack and tampering.”

It is unclear which team’s votes were tampered with.

The prize of a trip to the World Juniors will still be awarded by a Dec. 8 draw of the 25 teams who entered the competition. Each of the remaining teams will receive $1,000 in gift certificates to Source for Sports.

“This is not the outcome we hoped for,” read the statement. “We are as devastated as the teams, their fans, supporters and all voters. Please accept our sincerest and deepest regrets.”

Source: http://www.insidehalton.com/sports/article/1257026--vote-tampering-shuts-down-online-contest

Hackers targeted Saskatchewan government computers during the multi-billion dollar takeover bid of Potash Corporation of Saskatchewan, says the head of information technology for the province.

 

The provincial Information Technology Office said Thursday that an unsuccessful attack was made on government computers during BHP Billiton's takeover bid of PotashCorp. last year. The attempt mirrored an attack on federal governments computers in early 2011 that aimed to get information about the Saskatchewan potash industry.

 

The Saskatchewan technology office declined to comment on the specifics of the case, but said the attack last fall was similar in description to the federal attack, in which foreign hackers posed as an aboriginal group in emails that lead to viruses to gain access to the Finance Department and Treasury Board networks.

 

"We also experienced the same attack signature," said Robert Guillaume, deputy minister at Information Technology Office. He said the province's security systems caught the attack before computers were compromised, but he couldn't reveal how hackers "cloaked" the attack.

 

"We were fortunate in that same situation that was reported nationally that we caught it and responded," Guillaume said. "The Internet is an inherently insecure place. We're aware, in general, of the risks and attempts out there."

 

BHP Billiton attempted a $39-billion hostile takeover of PotashCorp. last year. The federal government rejected the bid saying it was not in the best interest of Canada.

 

An active investigation is looking into the attack, so the province declined to share details and could not confirm the attack came from a foreign source. Guillaume could only say "authorities" are investigating and did not confirm the involvement of RCMP or the Canadian Security Intelligence Service.

 

The two potash companies involved in the takeover bid - PotashCorp. and BHP Billiton - both said the companies do not speak about security issues and did not confirm or deny attacks were made on their systems. The federal government previously has declined to confirm the attack.

 

Guillaume said the province's security systems take a "holistic" approach to information technology protection. The Crown corporation SaskTel actively monitors the government's systems, he added.

 

"The system worked as designed, but I don't take it for granted," he said. "We're focused on continuous improvement. This serves as a good reminder to remain diligent."

 

PotashCorp. spokesperson Bill Johnson said the company generally doesn't comment on any aspect of its security.

 

"I can assure you we have very substantial security measures in place and we are satisfied that our company's information was adequately protected," Johnson said.

 

BHP Billiton declined to comment on the story through a spokesperson. "BHP Billiton does not comment on media reports that concern other companies," spokesperson Bronwyn Wilkinson said in an email.

 

Postmedia News reported Thursday that several Toronto law firms linked to the potash companies also were attacked, with early attempts made in Sept. 2010, by a similar hacking experienced by the federal government. In that January attack, hackers sent emails to government officials containing a webpage infected with a virus. If opened, the webpage virus opened a path into government networks and installed spy malware, Postmedia News reported in October. Some emails also contained corrupted PDF files that installed malicious code that sought and downloaded government information.

 

The hackings are believed to have originated in China, although the Chinese government denies involvement. Chinese multinational Sinochem reportedly had mulled a bid for PotashCorp. with a Russian company at the same time of the BHP Billiton takeover attempt.

 

Douglas Richardson, a senior partner at McKercher LLP in Saskatoon, worked with BHP Billiton and a Toronto law firm during the takeover bid. He said the Saskatoon firm did not experience any computer attacks related to its potash legal work.

 

"I have no direct knowledge of any attacks," Richardson said.

Source: http://www2.canada.com/story.html?id=5803576

In response to a hacking threat, City of Toronto employees are being urged to closely watch web pages for unusual activity and also report any weird phone calls, emails or other “odd occurrences.”

“The city takes all security threats very seriously, including the recent threat by Anonymous,” an internal staff memo said.

The memo outlined the city’s response to a YouTube video claiming to be from hacker-activists Anonymous that threatened to “remove” Mayor Rob Ford from the Internet if he tried to evict Occupy Toronto protesters from St. James Park.

The memo said the city was taking appropriate precautionary measures “to secure and maintain the City’s system.”

If a disruption occurred, internal email communication would probably continue but staff may not be able to send or receive external messages or access the Internet, the memo said.

Contingency plans are in place to continue city business “via other, non-web channels” if the system went down.

Deputy Mayor Doug Holyday said he’s heard no reports of problems.

“I think our system is secure,” Holyday said. “I’d be very surprised if anybody from outside could disrupt it. A lot of things keep me awake but not that, at this point.”

Attempts to hack into the city’s systems have been made in the past, Councillor Peter Milczyn said, adding he hasn’t heard of any recent failed attempts.

“I know there’s a great deal of effort put into IT security all the time, all kinds of filters on incoming email, virus protection and insulating various systems from the public part of the city’s website,” Milczyn said.

“I also know that our IT people are aware that attempts have been made over the years to hack into different systems and they failed.”

Source: http://www.thestar.com/news/article/1089100--city-on-high-alert-for-hackers

Hackers are becoming so sophisticated with their attacks that they are mining Facebook profiles for personal information that could help them steal sensitive data.

Security expert Michel Juneau-Katsuya says a Department of National Defence employee told investigators he received an email from someone pretending to be a co-worker who said he had seen the employee at his daughter's soccer game over the weekend. The hacker claimed to have been added to the employee's work team, which was assembling sensitive information, and asked for a copy of the work done so far.

The personal information came from pictures the DND staffer had posted to Facebook. The staffer alerted department officials.

"Breaches will happen because of human beings getting involved somewhere," said Juneau-Katsuya, chief executive of the Northgate Group security firm and a former senior intelligence officer for the Canadian Security Intelligence Service.

"Whether that's willingly, unwillingly, consciously or unconsciously. Whether they lost or forgot something or they simply held open the door for somebody. There is a human factor in it."

Juneau-Katsuya said international espionage is reaching record levels as governments move away from costly military confrontations in favour of electronic attacks and computer data theft - and they are picking on average people to get what they want.

Speaking at the release of the 2011 Telus-Rotman IT Security Study, Juneau-Katsuya said more than 10 times more spy activity goes on today than at the peak of the Cold War.

"All of the spy activities can now be done remotely. It's less expensive because you don't have to move your assets abroad," he said.

The security expert said Canada is increasingly being targeted because of its lack of a national cyber-security strategy, coupled with rising information breaches being perpetrated by government insiders. Its economic health is another factor as cashtrapped nations, and even private investors, scramble for any advantage to safeguard their investments. That includes hacking into government servers to determine certain policy directions. A January 2001 attack on the federal government was aimed at getting information on Saskatchewan's potash industry. Foreign hackers masqueraded online as an aboriginal group to gain access to the Finance Department and Treasury Board networks.

Source: http://www.edmontonjournal.com/technology/Canada+crosshairs+espionage+booms+expert+says/5717328/story.html

OTTAWA—Canada’s spy agency warned the government that federal departments were under assault from rogue hackers just weeks before an attack crippled key computers.

A newly released intelligence assessment, prepared last November, sounded a security alarm about malicious, targeted emails disguised as legitimate messages — the very kind that shut down networks two months later.

“The systems and networks used by various Canadian government departments have been attacked directly or indirectly,” says the Canadian Security Intelligence Service report.

A declassified copy of the top secret intelligence assessment, Cyberattacks on Canadian Government Departments: An Overview, was obtained by The Canadian Press under the Access to Information Act.

Extensive portions of the Nov. 4, 2010, report — including what are likely direct references to foreign suspects — have been excised due to ongoing sensitivity of the material.

“Canada has been engaged in detecting, monitoring and mitigating a series of ongoing and evolving ... cyberattacks directed against the computer systems and networks used by Canadian government departments,” says the CSIS document.

“The perpetrators of such attacks use ... correspondence directed against individuals within Canadian government departments,” adds the report, noting they rely on “crafted emails with malware in their attachments or links to externally hosted malicious files.

“The emails appear to have been sent by trusted individuals in Canada or officials associated with foreign governments and international organizations, meetings and expositions.”

Employee Internet access at the Treasury Board and Finance departments — whose systems are shared — was cut off in January after what officials called “an unauthorized attempt” to break into the networks.

A routine evaluation of both departments last year revealed they had not been following all of the government’s information technology security requirements.

Records previously released under the access law show government employees in a number of departments were advised last January of attempts to break into their systems, only days before one of the attempts succeeded.

The CSIS assessment notes the “tools and techniques used in these attacks are in a constant state of development and incorporate new computer-related technologies and Internet-related capabilities.”

It says “attribution is difficult when dealing with computer-based attacks which can be routed through a number of computers, or ‘hop points.’”

In a speech last year, CSIS director Dick Fadden said Canada is attractive to foreign spies because it’s a leader in areas such as agriculture, biotechnology, communications, mining and the aerospace industry.

“Certainly, China has often been cited in media reports as an example of a country that engages in such activity but it would not be exclusive to that country. Just as the Internet is global, so is the cyber threat,” Fadden said.

In its annual public report last June, the spy service said cyberattacks launched through the Internet were the fastest growing form of espionage.

Attackers target computer systems in search of technology, intellectual property, military strategy and commercial or weapons-related information, the annual report said.

The civilian watchdog that monitors CSIS says the spy service takes a two-pronged approach to cyber investigations: first, it tries to determine whether the attacks are aimed at Canada and, second, examines the motivation behind them.

The Security Intelligence Review Committee also found that CSIS works very closely with the Communications Security Establishment, a sophisticated wing of the Defence Department with the twin role of snooping on foreign communications and protecting Canadian networks from intrusions.

While CSE’s intelligence provides CSIS with investigative leads, information collected in the course of CSIS probes can enhance CSE’s ability to respond to cyber-threats, says the review committee’s annual report released last Wednesday.

Arthur Porter, the Montreal doctor who chairs the civilian committee, said in an interview that while the area of investigation was rather new, CSIS was playing an appropriate role.

“We could find no evidence that it had overstepped its bounds.”

Source: http://www.thestar.com/news/canada/politics/article/1078426--csis-warned-government-of-cyber-attacks-just-weeks-before-crippling-hack