Connect with us

Business

'CRA has to devise stronger systems,' not blame Canadians: experts – Yahoo Canada Finance

Published

on


A sign is pictured in front of the Canada Revenue Agency (CRA) national headquarters in Ottawa, Ontario, Canada March 13, 2017. REUTERS/Chris Wattie

Following a massive cybersecurity breach that affected thousands of Canadian CRA accounts, experts say that a behavioural shift in how the public approaches cybersecurity is important, but institutions need to take the lead.

<p class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="The CBC first reported the series of cyberattacks that compromised the personal information of 11,200 accounts. The hackers targeted the Canada Revenue Agency and GCKey, an online portal through which Canadians are able to access employment insurance and other benefits.&nbsp;” data-reactid=”24″>The CBC first reported the series of cyberattacks that compromised the personal information of 11,200 accounts. The hackers targeted the Canada Revenue Agency and GCKey, an online portal through which Canadians are able to access employment insurance and other benefits. 

The hackers obtained information through “credential stuffing,” a type of attack where attackers obtain username and passwords that have been used on other websites, acting chief information officer for the Treasury Board of Canada Secretariat, Marc Brouillard, said during a press conference. 

Annette Butikofer, chief information officer at the CRA, said the agency was impacted on three separate occasions. She added that the hacked accounts have temporarily been revoked and individuals affected will get a letter from the CRA that will tell them how they can regain access to their accounts. 

<h2 class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="Onus is on organizations: Cavoukian” data-reactid=”27″>Onus is on organizations: Cavoukian

Ann Cavoukian, former information and privacy commissioner of Ontario, said that the CRA should have been more responsible for ensuring their systems are up to date so attacks like this didn’t happen. 

“You can’t put this on the individuals by saying they have crummy passwords,” she said. “To expect individuals to regularly change their passwords and make it difficult, that’s just not going to happen. I think the CRA has to devise stronger systems.”

One way to do this would be implementing end-to-end encryption, a type of secure communication that would prevent third-parties from being able to access data. 

“If systems are not encrypted, hackers are going to jump all over it,” Cavoukian said. “Why the heck doesn’t the CRA elevate the level of security and protection by encrypting the data to make it much more difficult [for hackers]?”

Shared Services Canada said in an email that GCKey is an end-to-end encrypted service, and that the service itself was not compromised.

In the press conference, Brouillard said that systems did not include two-factor authentication because the system has to include security measures that are accessible by all Canadians. 

“We are constantly evaluating our security posture and addressing issues, adding mitigations. This is an ongoing challenge,” he said. “Two factor- authentication systems would have prevented this, [as well as technology] where you are required to have a key or device. But that is something that is challenging, not everyone can have those things. We also have to worry about making our systems accessible and easy to use.”

Brouillard noted that the government is looking into different technologies “where multi-factor is available” and they are encouraging Canadians to adopt the practice. 

<p class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="Sumit Bhatia, director of communications and knowledge mobilization with Ryerson’s Cybersecure Catalyst told Yahoo Finance Canada that the lack of clarity on what cybersecurity protocols the CRA uses is concerning.&nbsp;” data-reactid=”36″>Sumit Bhatia, director of communications and knowledge mobilization with Ryerson’s Cybersecure Catalyst told Yahoo Finance Canada that the lack of clarity on what cybersecurity protocols the CRA uses is concerning. 

“I’m assuming that like any other company when a breach takes place, there’s some sort of an audit that happens. And then there’s some consideration placed on how they would share what their cybersecurity best practices are,” he said.

“We don’t have two-factor authentication and that just leads to believe that there’s still work to be done on their side with regards to how they manage security.”

Bhatia says that changing technology in a government system takes time, and that one change could impact an entire system dramatically. 

“These organizations are using legacy systems and they have to plan out a roll out in a way where one piece does not have a major impact on others,” he said.

“Attacks like this are also an indication that people need to be made aware of their role and responsibility in dealing with public systems and that’s where evolution becomes a priority.”

Bhatia also added that while the CRA needs to implement stronger technology, in the long term Canadians need better cybersecurity education that starts at the grade school level. 

“We are talking about a cultural shift and by that, I mean about living in an era where security can’t be an afterthought like it was a few years ago,” he said. 

“We are teaching six-year-old kids to learn how to code, how are we not making sure that every time they are taught about technology, or how to use a phone, laptop, or iPad, but we are not starting the discussion about security?”

The RCMP has confirmed it will be investigating the attacks but has not released any information in terms of who is responsible.

<p class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="Download the Yahoo Finance app, available for&nbsp;Apple&nbsp;and&nbsp;Android&nbsp;and sign up for the&nbsp;Yahoo Finance Canada Weekly Brief.” data-reactid=”50″>Download the Yahoo Finance app, available for Apple and Android and sign up for the Yahoo Finance Canada Weekly Brief.

Let’s block ads! (Why?)



Source link

Business

Union representing Canadian auto workers announces new deal with Ford – Global News

Published

on


TORONTO – Unifor says Ford Motor Company of Canada Ltd. has agreed to spend nearly $2 billion on its Canadian plants as part of collective bargaining negotiations.

Under the tentative deal, Unifor National President Jerry Dias says $1.95 billion will be invested in Ford’s Canadian plants, including $1.8 billion toward the production of five electric vehicles in Oakville, Ont., and an engine contract that could yield new jobs in Windsor, Ont.

Dias says the 6,300 union workers at Ford will vote on the deal this weekend.

Read more:
Union presidents says Ford will fight for workers affected by GM plant closure

Talks between the union and the automaker came to a head on Monday ahead of a bargaining deadline of 11:59 p.m eastern time.

Story continues below advertisement

Workers had previously voted to support a strike if a deal could not be reached by that deadline, with the future of the Oakville, Ont. plant potentially on the line.

Once agreed to by union members, Ford’s deal on new products lines, shifts, wages, pensions and benefits will set the tone for upcoming talks with Fiat Chrysler Automobiles and General Motors.

© 2020 The Canadian Press

Let’s block ads! (Why?)



Source link

Continue Reading

Business

Tesla slashes the price of the Powerpack by 27% on Battery Day – Electrek

Published

on


Tesla has greatly reduced the price of its Powerpack battery system today ahead of its Battery Day event.

Powerpack hasn’t been talked about much lately.

It has been relegated to the background since Tesla introduced the bigger Megapack for utility-scale projects.

However, Tesla is still making the product and it is still being used for many commercial-scale projects, like Electrify America’s charging stations.

Now we’ve learned that Tesla is slashing the price of the Powerpack.

Earlier this year, Electrek reported that Tesla revealed the price of the battery system through its new commercial solar configurator.

At the time, the Powerpack was being sold for $172,000 before incentives and including a commercial inverter.

Now a tipster pointed out to Electrek that Tesla has updated the pricing today, reducing the Powerpack to $125,000:

It brings the cost of the system down to $539 per kWh, but that’s including the expensive commercial inverter.

The price per kWh goes down significantly when adding more Powerpacks to the same inverter system.

That’s also without incentives.

Tesla’s price guide for commercial solar is only available in California, where they have strong incentives for energy storage for self-generation.

According to Tesla’s configurator, a Powerpack can be added to a 40 kW solar system for just $26,000 after incentives.

The price change happens as Tesla is about to announce new batteries at its Battery Day event later today.

Electrek’s Take

While the timing is interesting, it could be completely coincidental, but I guess we will know in just a few hours.

It is a significant price drop before incentives, but the system was already expensive to start with.

The price difference might also be on the inverter side and not the battery side.

Either way, it is worth noting, especially considering the crazy incentives in California. If I was a business owner in California, I would certainly consider this solution.

FTC: We use income earning auto affiliate links. More.


Subscribe to Electrek on YouTube for exclusive videos and subscribe to the podcast.

[embedded content]

Let’s block ads! (Why?)



Source link

Continue Reading

Business

Canada signs deal with VBI Vaccines to develop coronavirus candidate by 2022 – Global News

Published

on


VBI Vaccines Inc said on Monday it had entered into an agreement with Canada to develop a potential vaccine for COVID-19 by 2022 through mid-stage trials conducted exclusively in the country.

Canada will contribute around 75% of the U.S.-based company’s development costs and C$55.9 million ($42.2 million) for the project.

VBI Vaccines said last month that together with the National Research Council Canada it was investigating the vaccine candidate, VBI-2900, in preclinical trials.

[ Sign up for our Health IQ newsletter for the latest coronavirus updates ]

As per the agreement, signed last week, the company’s Ottawa-based unit is obligated to complete the vaccine development in or before the first quarter of 2022.






3:06
Ottawa signs 2 new COVID-19 vaccine deals for Canada


Ottawa signs 2 new COVID-19 vaccine deals for Canada

There are currently no approved vaccines for COVID-19, but around 38 vaccines are being tested in humans around the world.

Story continues below advertisement

© 2020 Reuters

Let’s block ads! (Why?)



Source link

Continue Reading

Trending