Tag: canada

Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet

Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet

Information Security, IT Support
Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet The Canadian Centre for Cyber Security has issued a security alert, advising Canadian organizations to disconnect their Citrix devices from the internet to prevent cyber-attacks. According to the Canadian Centre for Cyber Security, ongoing exploitation of the security vulnerability in Citrix devices officially designated as CVE-2019-19781 has been observed within Canada. The security vulnerability in Citrix devices allows an attacker to gain direct access to an organization’s local network from the internet. In exploiting this vulnerability, an attacker doesn’t need access to any accounts. As such, exploitation can be performed by any attacker. Citrix, for its part, said that CVE-2019-19781, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution. This vulnerability is rated Critical,…
Read More
How to Protect Your Organization from Spear Phishing Scams

How to Protect Your Organization from Spear Phishing Scams

Information Security, IT Support
How to Protect Your Organization from Spear Phishing Scams The recent revelation that the treasurer of the City of Ottawa unwittingly paid nearly US$100,000 to a phony supplier highlights the danger of spear phishing scams. The Office of the Auditor General of the City of Ottawarecently released its findings on how the City fell victim to a common fraud scheme in which US$97,797 was transferred to an account of a phony supplier. The Office of the Auditor General found that on July 6, 2018 at 10:29 am, the City Treasurer received an email from the City Manager. This email, which turned out to be a spoofed email, purporting to be coming from the City Manager when, in fact, it came from fraudsters or fraudster, requested that a wire transfer in…
Read More
1 in 5 Canadian Businesses Hit by Cyberattack in 2017, StatCan Survey Shows

1 in 5 Canadian Businesses Hit by Cyberattack in 2017, StatCan Survey Shows

Information Security
1 in 5 Canadian Businesses Hit by Cyberattack in 2017, StatCan Survey Shows A survey conducted by Statistics Canada (StatCan), Canada’s national statistical office, showed that 1 in 5 Canadian businesses were hit by a cyberattack last year. From January 2018 to April 2018, StatCanconducted the first of its kind survey that aimed to provide a snapshot of the cybersecurity challenges encountered by Canadian businesses – those with 10 or more employees. StatCan’s survey results showed that over one-fifth or 21% of Canadian businesses reported that they were hit by a cyberattack last year which affected their operations. The survey showed that large businesses (41%) were more than twice as likely as small businesses (19%) to identify an impactful cyberattack. Direct Costs of Cyberattacks Listed below are the direct costs of cyberattacks…
Read More
Countdown to Nov. 1, 2018: Enforcement Date of Canada’s Mandatory Data Breach Reporting Law

Countdown to Nov. 1, 2018: Enforcement Date of Canada’s Mandatory Data Breach Reporting Law

Information Security
Countdown to Nov. 1, 2018: Enforcement Date of Canada’s Mandatory Data Breach Reporting Law November 1, 2018 marks the enforcement date of the Canadian law that requires organizations in the private sector to report data breaches. The Canadian Governmentofficially set November 1, 2018 as the enforcement date of the mandatory data breach reporting obligation of organizations in the private sector in line with the Digital Privacy Act, a law that amended the Personal Information Protection and Electronic Documents Act (PIPEDA). PIPEDA is a Canadian privacy law for private sector organizations which came into force in January 2001. This law sets out rules that organizations in the private sector must follow whenever they collect, use or disclose personal information in the course of their commercial activities. Canada’s Digital Privacy Act, which…
Read More
Canadian Towns Hit by Ransomware Cyberattacks; Lessons Learned from These Attacks

Canadian Towns Hit by Ransomware Cyberattacks; Lessons Learned from These Attacks

Information Security
Canadian Towns Hit by Ransomware Cyberattacks; Lessons Learned from These Attacks The Canadian town of Midland in Ontario recently acknowledged it has paid ransom after experiencing a crippling ransomware cyberattack. In a statement, Midland Townsaid that it has “initiated the process to pay the ransom in exchange for the decryption keys.” The town added, “Although not ideal, it is in our best interest to bring the system back online as quickly as possible." What Is Ransomware A ransomware is a type of a malicious software (malware) that encrypts files, making them inaccessible to users, and demands from victims ransom in exchange for the decryption keys that unlock the encrypted files. Ransomware attackers typically ask their victims to pay ransom in the form of cryptocurrency like Bitcoin and convert it to…
Read More
Top Cybersecurity Best Practices for Small Businesses

Top Cybersecurity Best Practices for Small Businesses

Information Security, Security
Best Cybersecurity Practices for Small Businesses Digitalization revolutionized the way we do business. While digitalization improves efficiency and productivity, it also makes businesses more vulnerable to cyberattacks. Cybersecurity threats are not just of great concern to large businesses. Large, medium and small businesses alike are at risk of cyberattacks. A report from Better Business Bureau (BBB) – a nonprofit organization focused on advancing marketplace trust – found that only 35% of small businesses could remain profitable for more than three months if they permanently lost access to essential data as a result of a cyberattack, while more than half would be unprofitable in under a month. “Profitability is the ultimate test of risk,” said Bill Fanelli, one of the authors of the BBB report entitled “2017 State of Cybersecurity Among…
Read More

Tag: canada

Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet

Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet

Information Security, IT Support
Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet The Canadian Centre for Cyber Security has issued a security alert, advising Canadian organizations to disconnect their Citrix devices from the internet to prevent cyber-attacks. According to the Canadian Centre for Cyber Security, ongoing exploitation of the security vulnerability in Citrix devices officially designated as CVE-2019-19781 has been observed within Canada. The security vulnerability in Citrix devices allows an attacker to gain direct access to an organization’s local network from the internet. In exploiting this vulnerability, an attacker doesn’t need access to any accounts. As such, exploitation can be performed by any attacker. Citrix, for its part, said that CVE-2019-19781, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution. This vulnerability is rated Critical,…
Read More
How to Protect Your Organization from Spear Phishing Scams

How to Protect Your Organization from Spear Phishing Scams

Information Security, IT Support
How to Protect Your Organization from Spear Phishing Scams The recent revelation that the treasurer of the City of Ottawa unwittingly paid nearly US$100,000 to a phony supplier highlights the danger of spear phishing scams. The Office of the Auditor General of the City of Ottawarecently released its findings on how the City fell victim to a common fraud scheme in which US$97,797 was transferred to an account of a phony supplier. The Office of the Auditor General found that on July 6, 2018 at 10:29 am, the City Treasurer received an email from the City Manager. This email, which turned out to be a spoofed email, purporting to be coming from the City Manager when, in fact, it came from fraudsters or fraudster, requested that a wire transfer in…
Read More
1 in 5 Canadian Businesses Hit by Cyberattack in 2017, StatCan Survey Shows

1 in 5 Canadian Businesses Hit by Cyberattack in 2017, StatCan Survey Shows

Information Security
1 in 5 Canadian Businesses Hit by Cyberattack in 2017, StatCan Survey Shows A survey conducted by Statistics Canada (StatCan), Canada’s national statistical office, showed that 1 in 5 Canadian businesses were hit by a cyberattack last year. From January 2018 to April 2018, StatCanconducted the first of its kind survey that aimed to provide a snapshot of the cybersecurity challenges encountered by Canadian businesses – those with 10 or more employees. StatCan’s survey results showed that over one-fifth or 21% of Canadian businesses reported that they were hit by a cyberattack last year which affected their operations. The survey showed that large businesses (41%) were more than twice as likely as small businesses (19%) to identify an impactful cyberattack. Direct Costs of Cyberattacks Listed below are the direct costs of cyberattacks…
Read More
Countdown to Nov. 1, 2018: Enforcement Date of Canada’s Mandatory Data Breach Reporting Law

Countdown to Nov. 1, 2018: Enforcement Date of Canada’s Mandatory Data Breach Reporting Law

Information Security
Countdown to Nov. 1, 2018: Enforcement Date of Canada’s Mandatory Data Breach Reporting Law November 1, 2018 marks the enforcement date of the Canadian law that requires organizations in the private sector to report data breaches. The Canadian Governmentofficially set November 1, 2018 as the enforcement date of the mandatory data breach reporting obligation of organizations in the private sector in line with the Digital Privacy Act, a law that amended the Personal Information Protection and Electronic Documents Act (PIPEDA). PIPEDA is a Canadian privacy law for private sector organizations which came into force in January 2001. This law sets out rules that organizations in the private sector must follow whenever they collect, use or disclose personal information in the course of their commercial activities. Canada’s Digital Privacy Act, which…
Read More
Canadian Towns Hit by Ransomware Cyberattacks; Lessons Learned from These Attacks

Canadian Towns Hit by Ransomware Cyberattacks; Lessons Learned from These Attacks

Information Security
Canadian Towns Hit by Ransomware Cyberattacks; Lessons Learned from These Attacks The Canadian town of Midland in Ontario recently acknowledged it has paid ransom after experiencing a crippling ransomware cyberattack. In a statement, Midland Townsaid that it has “initiated the process to pay the ransom in exchange for the decryption keys.” The town added, “Although not ideal, it is in our best interest to bring the system back online as quickly as possible." What Is Ransomware A ransomware is a type of a malicious software (malware) that encrypts files, making them inaccessible to users, and demands from victims ransom in exchange for the decryption keys that unlock the encrypted files. Ransomware attackers typically ask their victims to pay ransom in the form of cryptocurrency like Bitcoin and convert it to…
Read More
Top Cybersecurity Best Practices for Small Businesses

Top Cybersecurity Best Practices for Small Businesses

Information Security, Security
Best Cybersecurity Practices for Small Businesses Digitalization revolutionized the way we do business. While digitalization improves efficiency and productivity, it also makes businesses more vulnerable to cyberattacks. Cybersecurity threats are not just of great concern to large businesses. Large, medium and small businesses alike are at risk of cyberattacks. A report from Better Business Bureau (BBB) – a nonprofit organization focused on advancing marketplace trust – found that only 35% of small businesses could remain profitable for more than three months if they permanently lost access to essential data as a result of a cyberattack, while more than half would be unprofitable in under a month. “Profitability is the ultimate test of risk,” said Bill Fanelli, one of the authors of the BBB report entitled “2017 State of Cybersecurity Among…
Read More