Foreign Hackers Target Canadian Government & Banks

Uploaded on 2019-02-12 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial

Foreign hackers have targeted Canadian banks, mining companies and government institutions in recent years to steal valuable secrets and spread malware, a leading cybersecurity analyst warns.

In February 2017, multiple major Canadian financial institutions were exposed to the risk of state-sponsored cyber-theft from North Korea in a scheme to redirect people to malicious downloads that would seize control of their computer, says Christopher Porter, chief intelligence strategist at California security firm FireEye.

A number of Canadian financial organisations appeared prominently on the ultimate target list, he told the House of Commons committee on public safety and national security. At least a half-dozen organised-crime groups conduct financial crime operations targeting companies and people in Canada with a sophistication once seen only among nation-states, Porter said Wednesday 6th January.

FireEye routinely uncovers major underground sites selling thousands of stolen Canadian credit cards at a time, sometimes from major banks, but also targeting customer accounts at smaller banks and credit unions, he added.

FireEye, which works with Canadian military and public-safety institutions, says Canada is often one of the first nations targeted for new types of cyber-operations due to its financial wealth, high-tech development and membership in NATO.

One group in particular, which the firm calls FIN10, has focused specifically on Canada since 2013, carrying out numerous intrusion operations against gambling and mining organizations, pilfering business data and extorting victims, Porter said.

“The cyber-espionage threat to Canada is moderate, but could be on the rise,” he said. “We have observed 10 separate espionage groups from China, Russia and Iran targeting Canada in recent years.”

Organisations in the government, defence, high-tech, non-profit, transportation, energy, telecommunications, education, and media sectors, among others, have all been affected, much like they have in many Western countries, he said.

The Canadian Centre for Cyber Security warned in its recent annual report that the biggest online threat Canadians face is cybercrime including theft, fraud and extortion.It also said foreign countries are very likely to try to advance their agendas in 2019, a general election year, by manipulating Canadian opinion with malicious online activity.

Porter told MPs it is important to provide people running for office with cyber-threat intelligence to ensure they are aware of possible risks.However, such efforts to twist public opinion or compromise candidates are not limited to the cyber-sphere.

The National Security and Intelligence Committee of Parliamentarians said recently it would examine the threat to national security from foreign interference and the measures in place to counter it.

“Canada, like most other western democracies, is vulnerable to foreign actors seeking to illegitimately influence or interfere in our political and economic processes,” the committee said.

Global News

You Might Also Read:

IoT Cybercrime Hotspot In Canada:

 

 

« Wicked Dark Web Wish List
UK Student Loans Company In The Crosshairs »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Securezoo

Securezoo

Securezoo's mission is to simplify and enhance information security by providing trusted security guidance, products, and information to small and mid-sized businesses and security professionals.

REVI-IT

REVI-IT

REVI-IT is a Danish state-owned audit firm focusing on enterprise IT business processes and compliance,

High Sec Labs (HSL)

High Sec Labs (HSL)

High Sec Labs develops high-quality, cyber-defense solutions in the field of network and peripheral isolation.

RiskCentric

RiskCentric

RiskCentric is a consultancy specializing in risk management and compliance.

Secure Code Warrior

Secure Code Warrior

Secure your code from the start with gamified, scalable online secure coding training for software developers.

Ergo

Ergo

Ergo is a world-class IT Partner of choice, leveraging the latest technology available in cloud, mobility, big data, analytics, and social media.

Portshift

Portshift

Portshift leverages the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications security.

Thoma Bravo

Thoma Bravo

Thoma Bravo is a leading private equity firm with a 40+ year history and a focus on investing in software and technology companies.

Prosperoware

Prosperoware

Prosperoware develop software for cybersecurity, privacy, and regulatory compliance for content systems, and financial matter management.

Softcat

Softcat

Softcat offer a broad portfolio of IT services and solutions covering Hybrid Infrastructure, Cyber Security, Digital Workspace and IT Intelligence.

Dope Security

Dope Security

Dope Security is a fly-direct Secure Web Gateway that eliminates the data center stopover architecture required by legacy providers, instead performing security directly on the endpoint.

SE Ventures

SE Ventures

SE Ventures provides capital to big ideas and bold entrepreneurs who can benefit from Schneider Electric's deep domain expertise, R&D assets, and global customer base.

CommandK

CommandK

CommandK provides companies with infrastructure to protect their sensitive data. Built-in solutions to prevent data-leaks and simplify governance.

Dryad Global

Dryad Global

Dryad Global offers a comprehensive suite of maritime intelligence solutions, including a best-in-class situational awareness, planning and security system and industry-leading cyber protection tools.

NST Cyber

NST Cyber

NST Cyber provides comprehensive Threat Exposure Management to Global banks and Forbes 2000 companies.

Steryon

Steryon

Steryon is an innovative Cyber Resilience & Risk Management Platform for Cyber-Physical Systems (CPS), tailored for industrial infrastructures.