Foreign Hackers Target Canadian Government & Banks

Foreign hackers have targeted Canadian banks, mining companies and government institutions in recent years to steal valuable secrets and spread malware, a leading cybersecurity analyst warns.

In February 2017, multiple major Canadian financial institutions were exposed to the risk of state-sponsored cyber-theft from North Korea in a scheme to redirect people to malicious downloads that would seize control of their computer, says Christopher Porter, chief intelligence strategist at California security firm FireEye.

A number of Canadian financial organisations appeared prominently on the ultimate target list, he told the House of Commons committee on public safety and national security. At least a half-dozen organised-crime groups conduct financial crime operations targeting companies and people in Canada with a sophistication once seen only among nation-states, Porter said Wednesday 6th January.

FireEye routinely uncovers major underground sites selling thousands of stolen Canadian credit cards at a time, sometimes from major banks, but also targeting customer accounts at smaller banks and credit unions, he added.

FireEye, which works with Canadian military and public-safety institutions, says Canada is often one of the first nations targeted for new types of cyber-operations due to its financial wealth, high-tech development and membership in NATO.

One group in particular, which the firm calls FIN10, has focused specifically on Canada since 2013, carrying out numerous intrusion operations against gambling and mining organizations, pilfering business data and extorting victims, Porter said.

“The cyber-espionage threat to Canada is moderate, but could be on the rise,” he said. “We have observed 10 separate espionage groups from China, Russia and Iran targeting Canada in recent years.”

Organisations in the government, defence, high-tech, non-profit, transportation, energy, telecommunications, education, and media sectors, among others, have all been affected, much like they have in many Western countries, he said.

The Canadian Centre for Cyber Security warned in its recent annual report that the biggest online threat Canadians face is cybercrime including theft, fraud and extortion.It also said foreign countries are very likely to try to advance their agendas in 2019, a general election year, by manipulating Canadian opinion with malicious online activity.

Porter told MPs it is important to provide people running for office with cyber-threat intelligence to ensure they are aware of possible risks.However, such efforts to twist public opinion or compromise candidates are not limited to the cyber-sphere.

The National Security and Intelligence Committee of Parliamentarians said recently it would examine the threat to national security from foreign interference and the measures in place to counter it.

“Canada, like most other western democracies, is vulnerable to foreign actors seeking to illegitimately influence or interfere in our political and economic processes,” the committee said.

Global News

You Might Also Read:

IoT Cybercrime Hotspot In Canada:

 

 

« Wicked Dark Web Wish List
UK Student Loans Company In The Crosshairs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

AcceptLocal

AcceptLocal

AcceptLocal is a payments industry consultancy with expertise in payment processing, payment security, anti-money laundering and fraud prevention.

Simula Research Laboratory

Simula Research Laboratory

Simula Research Laboratory carries out research in the fields of communication systems, scientific computing and software engineering.

Zerocopter

Zerocopter

Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.

VU Security

VU Security

VU is a specialist in Cybersecurity software development with a focus on the prevention of fraud and identity theft.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

FFRI Security

FFRI Security

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

Totalsec

Totalsec

Totalsec is a Grupo Salinas company with a team of professionals in cybersecurity and information security providing Security Consulting, Solutions Integration, and Managed Security Services.

Calero Software

Calero Software

Calero is a leading global provider of Communications and Cloud Lifecycle Management (CLM) solutions designed to simplify the management of voice, mobile and other unified communications services.

OcuCloud

OcuCloud

OcuCloud protects businesses' valuable information in the cloud, preventing security breaches caused by employees and remote vendors.

Fischer Identity

Fischer Identity

Fischer Identity provide identity & access management and identity governance administration solutions.

NeuroChain

NeuroChain

NeuroChain is an intelligent ecosystem that is more secure, more reliable and much faster than blockchain.

Predatech

Predatech

A cyber security consultancy offering a range of services, including CREST accredited penetration testing, vulnerability assessments and certifications incl. Cyber Essentials & Cyber Essentials Plus.

ACSG Corp

ACSG Corp

ACSG Corp is a Critical Infrastructure Protection Company with a multi-disciplinary focus on building analytics software for various industry sectors.

Perygee

Perygee

Perygee is a fully integrated platform for operational security. Companies depend on Perygee to identify and streamline the most important security practices for their operations.

CyberQP

CyberQP

CyberQP (formerly Quickpass Cybersecurity) provide Privileged Access Management built for MSPs. Our system is designed to reduce ransomware and social engineering attack risks.

NANO Corp

NANO Corp

At NANO Corp, we keep your network visible, understandable, operational and secure with state-of-the-art technology.