Cyber security Headline News

Google joins Meta to remove Canadian News in response to the Online News Act – Bill C-18.

Google announced it will remove links to Canadian news from its search, News Aggregators and Discovery products. The released statement was in response to the Bill C-18 Online News Act, labelled ‘Link-tax’ by the tech giants Google and Facebook. This statement follows Meta’s response to removing links to Canadian News content across Facebook and Instagram.

The Online News Act: This Act aims to regulate digital news intermediaries to enhance fairness in the Canadian digital news marketplace and contribute to its sustainability, including the sustainability of independent local news businesses.

After 5 weeks of experimenting with the Bill C-18 framework, Google states the bill has become Law and remains unworkable. The Commission also offers an Exemption order that requires digital news intermediaries to compensate news businesses for content made available for the Canadian marketplace.

How does this affect the ecosystem of Information Security in Canada?

Google is one of the most significant and resourceful search engines to date; this means Canadians will stop having access to verified news. Readers may have limited access to digital content published by verified news businesses and independent journalism.

  • This law indirectly empowers bad actors, making search results less useful and unsafe for Canadian news consumers.
  • An opportunity for foreign state-owned propaganda.
  • A huge opportunity to spread ‘fake news’ misinformation.
  • Incentivizes clickbait content. 

References: ( CBC News ) ( Bill C-18 )

Joint Cyber Security Advisory on Truebot Malware

The Canadian Centre for Cyber Security issued a joint advisory with the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigations (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC).

The Joint Cyber Security Advisory warned against an increase in cyber threat actors using the new malware variants of Truebot, also known as Silence. Downloader. Truebot is a botnet used by malicious cyber groups like CL0P Ransomware Gang to collect and exfiltrate information from its target.

Previously, the threat vector was initiated through malicious phishing email attachments. Based on recent findings, threat actors exploit CVE-202203119, a remote code execution vulnerability in the Netwrix Auditor application. This vulnerability allows the threat actors to move laterally, execute remote code and deploy at scale within the compromised network environment.

The Joint Cyber Security Advisory recommends hunting for malicious activities using the guidelines outlined in the report and applying vendor patches to Netwrix Auditor. You can access the Cyber Security advisory report here

References: ( Canadian Centre for Cyber Security ) ( CISA )

38% of Government IT does not have a documented Disaster Recovery Plan

A recent report by Arcserve revealed significant critical vulnerabilities of the IT department in government organizations across the world.  Their findings were based on the experience and habits of IT professionals within these organizations. The report highlights how these vulnerabilities weaken the government’s fight against ransomware.

Amongst the findings, 36% of government IT departments do not have a documented disaster recovery plan. On the other hand, a low percentile at 38% of government IT departments have a comprehensive business continuity plan that includes recovery, interim solutions, and communication.

This survey included Canada, the United States, the United Kingdom, Japan, South Korea, India, Australia, New Zealand, Brazil, France, and Germany.

References: ( CISO Series ) ( Security Magazine )

Government of Canada program for Cyber Security Certification

Canadian Commercial Corporation (CCC) published an article announcing the progress made by the Government of Canada to develop and implement a Canadian program for cybersecurity certification, which will be a mandatory certification requirement in select Federal defence contracts by Winter 2024. 

The objective of this certification – the Canadian Program for Cyber Security Certification (CPCSC) is to protect the Government of Canada from cyber threats that could occur through the third party’s (suppliers and vendors) networks, systems and applications.

The goal of CPCSC is to reinforce the goals of Canada’s National Cyber Security Action Plan and National Cyber Security Strategy. CPCSC is designed to be mutually recognized with the United States’ Cyber Security Maturity Model Certification (CMMC) program. This will enable Canadian suppliers to do business under a single regime in Canada and the U.S.

 References: ( Canadian Commercial Corporation (CCC) )

Increase in breaches amongst Canadian businesses doubles in 2023

CDW Canada (Computer Discount Warehouse), in collaboration with International Data Corp Canada (IDC Canada), released a report focused on emerging issues and trends in Canada’s IT Security ecosystem.

Over 500 people from cross-functional IT Security, Risk and Compliance teams participated in the survey. The survey included professionals across various industries, cross-province and Canada-wide. 1.7 % of the respondents are IT Security respondents who directly managed the IT function. The report found that the number of successful breaches for Canadian businesses doubled in the past year.

A graph with numbers and lines

Description automatically generated

Respondents identified fewer cyberattacks in the 2023 report than in the 2022 report – 344 compared to 419 – the number of breaches, or unauthorized removal of data or files, involving organizations increased 130% to 30 from 13. At the same time, the number of denial of service (DoS) attacks, where a flood of incoming messages forces a system to shut down, rose to 30 in the 2023 report from 11 in the 2022 report. Infiltrations, or unauthorized access where no data is removed, also increased to 29 from 11 over the same period.

Other Key Findings

  1. The zero-trust architecture of many Canadian organizations was confined to Identity and Access Management alone. 
  2. Canadian organizations take approximately 48 days to recover from a cyber incident.
  3. The gap between cloud adoption by Canadian organizations and their efforts to secure it has a high cyber risk.
  4. Rising cyber threats are driving the need for security automation.
  5. Macroeconomic pressures and the security skills gap are organizations.
  6. DevOps is now a leading software development methodology – paving the way for DevSecOps.

References: (Cybersecurity breaches up across Canadian businesses: report”) (CDW Page 7)

About the Author

Jennifer Mbaegbu

Jennifer Mbaegbu is a dynamic professional with a strong business and client relationship management background and a keen interest in Cloud Security Architecture and Governance, Risk, and Compliance (GRC). She is passionate about helping people and organizations build a resilient cybersecurity posture, adopt a secure cloud culture, and enhance a cyber-resilient ecosystem in Canada. Leveraging her experience, she seeks to help streamline compliance processes, identify and mitigate risks, and foster a culture of governance excellence within organizations.

LinkedIn profile