Today in Canada Cyber Security Week Review, June 21, 2021
In a few minutes, Terry Cutler, head of Cyology Labs in Montreal, will join me to discuss some of the headlines from the past seven days. But first, a quick review of what happened:
It's been a bad week for ransomware gangs. Police in Ukraine have arrested six people involved in the Clop ransomware gang. It's not clear whether they were developers or just collaborators, but news reports said the website used to leak the stolen data was still online. This shows that the authorities have not been able to shut down the gang's infrastructure. Meanwhile, the Avaddon ransomware gang apparently gave up, as it released all its decryption keys. Those keys can now be used by security companies to create decryptors that recover data for Avaddon's corporate victims.
There was more bad news for miscreants. The police co-operative Interpol helped authorities in 92 countries seize several websites and online marketplaces selling counterfeit and illegal health products. These include counterfeit medicines and COVID-19 tests. The raids conducted last month were the latest in a series that began in 2008. A total of 82,000 websites were shut down and 3,000 people arrested in those years. But organized criminal groups continue to chase illegal drugs.
A US jury in Connecticut convicted a Russian citizen of operating a crypting service that helped crooks prevent malware from being detected by antivirus software. The accused provided a custom high-volume crypting service to the operator of a botnet. That botnet was used by other criminal cyber gangs to distribute malware and ransomware. The 41-year-old man, who was arrested in Spain in 2017 and extradited to the United States, will be sentenced in September.
Another misconfigured corporate database hit the headlines this week. On Thursday we learned that a researcher had searched a vast unsecured online database belonging to pharmaceutical giant CVS Health that held metadata such as queries for drugs. The concern is that, in the wrong hands, the customer data could be collated. The misconfigured database, containing 1 billion records, was hosted by a third-party partner of the pharma company.
Separately, researchers found that a way for children's clothing retailer Carter's to confirm orders placed by online customers actually put them at risk. Buyers had to click on a link to confirm their order, but the link could be used by hackers to obtain buyers' names, delivery addresses and email addresses.
Canadians remain apprehensive about the security of their personal information and certain online practices, a new survey from the Office of the Privacy Commissioner of Canada shows. Nearly 90 percent of respondents said they are concerned about people using information available online about them in an attempt to steal their identity. The same number are concerned about social media platforms collecting personal information that they or someone else has posted online to create a detailed profile of their interests and personal traits. And 88 percent are concerned about how companies and organizations might use information available online about them to make decisions about them, such as on jobs, insurance claims or health coverage.
Finally, US President Joe Biden and Russian President Vladimir Putin had a four-hour closed-door conversation in Geneva about a range of things, including the increasing number of cyberattacks allegedly from groups based in Russia.
(The following is an edited version of my conversation with Terry Cutler)
Howard: I want to start with Biden and Putin. The Biden administration has been angry at Russia since the SolarWinds attack and the Colonial Pipeline ransomware attack. Russia-based groups have been blamed for both attacks. So there was a keen interest in the conversation of security professionals. What happened?
Terry: The Washington administration was blaming Russia for these cyber attacks. But on the other hand Russia is saying, 'America has been attacking us too.' And finally, they will hand over these cyber criminals to each other for prosecution. I'm not sure how much of that is going to work, but they are also saying that there are some things that are off-limits - critical infrastructure, for example. You know, you can't attack our water, our water supply or energy.
Howard: And what they've done is agree to close it, they're going to talk more, see if they can come to an agreement on defining things outside the bounds of those critical infrastructure areas.
Terry: Yes. Because they want to avoid another Cold War. I think World War Three is not going to happen with bombs. This can be done through cyber attacks. Imagine shutting down the electrical grid or contaminating the water supply. It can easily cripple a country.