Tag: Canadian | SpinSafe

Cybercriminals reportedly hack Canadian woman’s online accounts through App Store game

November 3, 2023/in Internet Security

Scams where hackers pose as Apple employees and customer service agents with phishing emails and pop-ups are very prevalent. Just recently, in the summer of 2023, a Saskatoon woman, Jeannette Roy, fell victim to a fake Apple support call scheme and lost $10,000 in the process.

Now, a mother from Cochrane, Alberta, has been struggling to regain control of her online accounts after they were hacked by cybercriminals who infiltrated her devices through a gaming app.

Apps on Apple’s App Store are carefully vetted, and Apple ensures that the apps that make their way to the App Store are free of known malware and haven’t been tampered with. Apple says all of the App Store apps are ‘Sandboxed,’ which means they can only access certain resources and programs that are necessary for their functioning.

However, Wolf Online 2, an animal-themed game, reportedly bypassed Apple’s vetting system, and it is still up on the App Store.

Susanne Jarman downloaded the game for her nine-year-old daughter on her iPad. Jarman also installed the app on her own iPad to join her daughter in the game.

Soon after, Jarman encountered some suspicious players who tried to manipulate her and her daughter’s actions in the game. “There was a time where there was a screen sharing almost, my character dispersed and he was telling us ‘don’t move,’” Jarman told CTV News Calgary.

Jarman soon deleted the app but subsequently discovered a new shared folder in her notes app that contained all her financial files. The hackers had already accessed her iCloud account and changed her Apple ID username and password. They also breached every other account she had, including her banking, tax, and email accounts, and even stole her photos of her late husband, which she cherished dearly.

Jarman has been trying to recover her accounts for the last eight months but has been unsuccessful. She has resorted to living without the Internet until the situation can be resolved. “It is so hard to go back to the 1990s, people don’t want to do that. You go to a place and they ask for your email address and I don’t have one that’s secure,” she explained.

Apple says it is investigating the…

Source…

Most Canadian firms pay a ransomware gang, latest CIRA survey suggests

October 4, 2023/in Internet Security

The vast majority of organizations in this country are still giving in and paying ransomware gangs after successful attacks, the annual survey of infosec pros by the Canadian Internet Registry Authority (CIRA) suggests.

That’s one possible conclusion from the results of an online survey of 500 Canadian cybersecurity professionals from organizations that had at least 50 employees that was released Tuesday by CIRA.

CIRA oversees the .ca registry.

Released in conjunction with Cybersecurity Awareness Month, the survey shows 41 per cent of respondents said their organization had experienced an attempted or successful cyber attack in the last 12 months. Of those, 23 per cent said that their organization had been a victim of a successful ransomware attack in the last 12 months, one per cent more than 2022.

And of those, 70 per cent said their organization paid ransom demands — and nearly a quarter of those paid up to $100,000. The responses are roughly similar to those of previous CIRA surveys. In 2022, 73 per cent of those hit by ransomware said their firm paid up, while 69 per cent said their firm paid a ransom in 2021.

The numbers “went the wrong way in terms of a trend this year,” admitted Jon Ferguson, CIRA’s general manager of cybersecurity.

“The challenge for a lot of organizations is if they’re not well prepared for an attack before it happens, remediation may not be easy,” he said. “So they perceive paying is the simplest resolution of the problem. Maybe they lack the ability to recover without getting access (to data) back.”

They may also be worried about damage to their reputation if word gets out about a ransomware attack, he added.

Asked why in 2023 an organization would not be well prepared for ransomware, Ferguson said some firms may have trouble understanding the threats new technologies adopted by IT will pose.

He also noted evidence in the survey numbers that IT pros recognize ransomware is a problem. Three-quarters of respondents said they would support a law forbidding organizations from making ransom payments. (That’s up from 64 per cent in the 2021 survey).

Among other troubling survey numbers pointed out to Ferguson, 64 per cent of…

Source…

Canadian dental service pays ransom in 8base ransomware attack

August 13, 2023/in Internet Security

A Canadian provincial government body tasked with providing dental services has paid a ransomware demand after having data stolen in an 8base ransomware attack.

The Alberta Dental Service Corp. said Aug. 10 that it detected the ransomware attack on July 26, when the body discovered that certain data pertaining to public dental benefits programs it administers was implicated in a recent cybersecurity incident. ADSC took measures to prevent authorized access and hired a third-party forensic firm. The corporation was also able to recover affected systems and data from backups with minimal loss.

It’s believed that the data of approximately 1.47 million individuals were compromised, including, in a small number of cases, personal banking information, with those having banking information stolen being offered complimentary credit monitoring services.

So far, the story sounds like a standard ransomware attack where the victim was fortunate to have proper backups and was able to restore service promptly, but then it gets interesting, since ADSC paid the ransom demanded by 8base.

IT World Canada reported that corporate president Lyle Best said in an interview on Friday that a payment was made as part of negotiations between the organization’s cyber insurance provider and forensic investigator. The 8base gang then showed proof the data was deleted as part of the deal.

The amount of the ransom paid was not disclosed. 8base has been active since March 2022 and uses a combination of encryption and “name-and-shame” tactics to force victims to pay a ransom.

According to a report issued by researchers from VMware Inc. in June, the gang operations have similarities to previous ransomware campaigns, suggesting a level of sophistication and experience despite the group’s recent emergence on the ransomware and hacking scene. Typical of most leading ransomware groups in 2023, 8Base operates a leak site where it discloses information about its victims and uses intimidation tactics to pressure victims into paying a ransom.

“This breach underscores the critical need for robust security measures in the healthcare sector,” Erfan Shadabi, a cybersecurity expert with data…

Source…

Canadian Centre for Cyber Security

July 19, 2023/in Internet Security

TORONTO — The head of the Canadian Centre for Cyber Security says ransomware attacks are getting more common and sophisticated, but there’s a lot the country could do to better defend itself.

“The threat is real, the threat is growing and we can’t talk enough about it,” said Sami Khoury, whose organization is aimed at providing the federal government with information technology security and foreign signals intelligence.

While ransomware attackers used to break into systems and take control, Khoury has now noticed many have changed their methods.

Instead of weaseling their way into systems and requesting cash just to give back control, Khoury’s found many attackers are now focused on stealing data and other sensitive information they can threaten to release or sell.

“They recognize that over time companies have become a little bit more sophisticated about having backups, so even if they lock the information technology, they can recover it from a backup,” he said.

“What they’re going after now is information.”

Such incidents have become so common that Khoury considers cybercrime, including ransomware, the No. 1 cybersecurity threat facing the country.

Book retailer Indigo, grocer Sobeys, oil and gas producer Suncor Energy Inc. and Toronto’s Hospital for Sick Children have all been victims of ransomware attacks over the last year.

Khoury counts about 305 reports of ransomware to the Canadian Centre for Cyber Security last year, up from about 295 the year before.

“But I can assure you the real number is nowhere near that,” Khoury said.

“The real number might be closer to add a zero maybe to it.”

The true number of attacks is likely much higher because he’s realized many organizations are too embarrassed to report they’ve been impacted by cybercrimes.

Khoury argues reporting is essential. The more incidents the Canadian Centre for Cyber Security knows about the more specific it can tailor its advice and guidance and the more information it can glean about who might be behind an attack, so they can be stopped.

He also urges organizations to better protect themselves against cyberattacks by using stronger, differing passwords, setting up multi-factor authentication on accounts and…

Source…

Tag Archive for: Canadian