Foreign Hackers Target Canadian Government & Banks

Uploaded on 2019-02-12 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial

Foreign hackers have targeted Canadian banks, mining companies and government institutions in recent years to steal valuable secrets and spread malware, a leading cybersecurity analyst warns.

In February 2017, multiple major Canadian financial institutions were exposed to the risk of state-sponsored cyber-theft from North Korea in a scheme to redirect people to malicious downloads that would seize control of their computer, says Christopher Porter, chief intelligence strategist at California security firm FireEye.

A number of Canadian financial organisations appeared prominently on the ultimate target list, he told the House of Commons committee on public safety and national security. At least a half-dozen organised-crime groups conduct financial crime operations targeting companies and people in Canada with a sophistication once seen only among nation-states, Porter said Wednesday 6th January.

FireEye routinely uncovers major underground sites selling thousands of stolen Canadian credit cards at a time, sometimes from major banks, but also targeting customer accounts at smaller banks and credit unions, he added.

FireEye, which works with Canadian military and public-safety institutions, says Canada is often one of the first nations targeted for new types of cyber-operations due to its financial wealth, high-tech development and membership in NATO.

One group in particular, which the firm calls FIN10, has focused specifically on Canada since 2013, carrying out numerous intrusion operations against gambling and mining organizations, pilfering business data and extorting victims, Porter said.

“The cyber-espionage threat to Canada is moderate, but could be on the rise,” he said. “We have observed 10 separate espionage groups from China, Russia and Iran targeting Canada in recent years.”

Organisations in the government, defence, high-tech, non-profit, transportation, energy, telecommunications, education, and media sectors, among others, have all been affected, much like they have in many Western countries, he said.

The Canadian Centre for Cyber Security warned in its recent annual report that the biggest online threat Canadians face is cybercrime including theft, fraud and extortion.It also said foreign countries are very likely to try to advance their agendas in 2019, a general election year, by manipulating Canadian opinion with malicious online activity.

Porter told MPs it is important to provide people running for office with cyber-threat intelligence to ensure they are aware of possible risks.However, such efforts to twist public opinion or compromise candidates are not limited to the cyber-sphere.

The National Security and Intelligence Committee of Parliamentarians said recently it would examine the threat to national security from foreign interference and the measures in place to counter it.

“Canada, like most other western democracies, is vulnerable to foreign actors seeking to illegitimately influence or interfere in our political and economic processes,” the committee said.

Global News

You Might Also Read:

IoT Cybercrime Hotspot In Canada:

 

 

« Wicked Dark Web Wish List
UK Student Loans Company In The Crosshairs »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

iTrinegy

iTrinegy

iTrinegy is a world leader in Application Risk Management offering solutions to mitigate all networked application deployment risks

MyCERT

MyCERT

MyCERT is the National Computer Emergency Response Team of Malaysia.

CloudCodes Software

CloudCodes Software

CloudCodes is a cloud security solutions provider focused on providing cloud security solutions to enterprise customers.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

Blancco Technology Group

Blancco Technology Group

Blancco Technology Group is a leading global provider of mobile device diagnostics and secure data erasure solutions.

Zacco

Zacco

Zacco offer a 360° perspective on intellectual property: From patent filing and trademark registration to software development, digital brand protection, cyber security and portfolio management.

Jump Capital

Jump Capital

Jump provides series A and B capital to data-driven tech companies within the FinTech, IT & Data Infrastructure, B2B SaaS and Media sectors.

OpSec Security

OpSec Security

OpSec Online is the only brand protection solution that spans all channels so your brands are protected no matter what digital venue the criminals target.

Ribbon Communications

Ribbon Communications

Ribbon Communications delivers global communications software and network solutions to service providers, enterprises, and critical infrastructure sectors.

INE

INE

INE is a premier provider of Technical Training for the IT industry.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Cyber Capital Partners

Cyber Capital Partners

Cyber Capital Partners build strategic and financial partnerships with small and mid-sized cybersecurity companies in highly regulated markets.

HaystackID

HaystackID

HaystackID provides industry-leading computer forensics, eDiscovery, and attorney document review experts to help with complex, data-intensive investigations and litigation.

Cloud & More

Cloud & More

Tired of impersonal IT support? Experience the Cloud & More difference. We offer tailored IT services with a personal touch, ensuring your business technology runs smoothly.