Connect with us


Victims of CRA hackers vulnerable to other cyberattacks: experts



Thousands of Canadians affected by recent cyberattacks on the Canada Revenue Agency and federal government computer systems could be vulnerable to other attacks, warn cybersecurity and privacy experts.

“They have to be very scared if they have another account with the same password,” said Ali Ghorbani, director of the Canadian Institute for Cybersecurity at the University of New Brunswick. “If it doesn’t happen now, it would happen tomorrow.”

Former Ontario privacy commissioner Ann Cavoukian said the risk to those whose accounts were breached shouldn’t be underestimated.

“I don’t think you can exaggerate the risk,” said Cavoukian who is now executive director of the Global Privacy and Security by Design Centre.

“If your information has been compromised then it is in the hands of hackers who could use it for a variety of unintended purposes that you may not be made aware of. It’s the CRA, it’s your financial data and it’s very sensitive information.”

CRA response to hacking

The advice comes after the federal government admitted Monday that hackers accessed the Canada Revenue Agency or GCKey accounts of an estimated 11,200 Canadians in recent days. GCKey is an online portal that allows Canadians to access government services like employment insurance and veterans benefits.

The hackers were able to do things like change bank account information and apply for government benefits, posing as the owner of the account.

The Canada Revenue Agency said Monday it is sending a letter to everyone whose account was hacked. However, in the time it takes for someone to get that letter, those same credentials could be used to strike again if someone has used the same e-mail and password combination for other accounts, said Ghorbani.


The University of New Brunswick’s Dr. Ali Ghorbani, director of the Canadian Institute for Cybersecurity, says Canadians who have had their personal information hacked should immediately change their passwords for other accounts. (University of New Brunswick)


Ghorbani said there’s not much Canadians can do about information that has already been compromised — but they can and should change their passwords.

“If I am one of those people, I would basically change all of my passwords across all of the accounts that I have. And this time I would make sure that these passwords are unique and different from each other.

‘Credential stuffing’

Marc Brouillard, acting chief information officer with the Treasury Board, said the hacking technique, known as “credential stuffing” used e-mail addresses and passwords that had already been compromised.

“The citizens who are worried about identity theft, they already are, they already have been victims,” Brouillard told reporters during a news conference Monday. “The credentials were stolen at some point in the past and these attackers are re-using them.”


Acting chief information officer for the Treasury Board Marc Brouillard explains how a “credential stuffing” cyber attack works. 1:30

Using the same password for their CRA account that they used for the account that was compromised allowed hackers to get in, he explained.

“If you have been a victim here, there’s a good chance that you are a victim elsewhere as well. Check your bank accounts, check your social media, check your e-commerce systems because the attackers will use those wherever they can and they have quite sophisticated systems.”

Ghorbani, whose research focuses on the human element in cybersecurity, said when it comes to cyberattacks it’s not a matter of if but of when.

“Attacks on government or industry will happen regardless because the bad guys are always on the move, finding new ways, new holes to breach and compromise.”

Dark web accounts

Ghorbani said there are an estimated 5 billion compromised accounts out there in the dark web for hackers to use or buy. The dark web is not visible to regular search engines and has a reputation of being a place where you can buy or sell everything from drugs and weapons to stolen data.

“It’s just basically a simple program where they try to log in to millions of accounts using this database information to see which one actually goes through.”

For example, in April the popular videoconferencing platform Zoom was compromised and half a million users credentials ended up on the dark web.

“If I’m a user of Zoom and I’m also using the same password for my CRA account or my bank account, I’m very much at risk now and I’m lucky if I’m not compromised because my information is out there,” said Ghorbani.

Ghorbani said the attacks could have come from anywhere but he suspects they came from outside Canada.

Canadian government officials refused repeatedly Monday to comment on the possible source of the attacks, saying it is under investigation by the RCMP.


Ann Cavoukian, the former privacy commissioner of Ontario, says the federal government should be increasing the security of its websites – not blaming Canadians who re-use passwords for the breach. (Joe Fiorino/CBC)


Cavoukian said the federal government shouldn’t be blaming those whose data was breached for re-using passwords. Instead, she said, it should have had better protection of its sites.

Canadians who want to know if their accounts were breached should be able to phone or e-mail the government rather than have to wait for a letter, Cavoukian said.

Cavoukian also called on Prime Minister Justin Trudeau to act.

“Someone has to take some responsibility in terms of how this is going to be fixed and, more importantly, how are they going to prevent this from happening in the future. They have to start employing strong encryption. I don’t think they are doing that now.”

Elizabeth Thompson can be reached at

Source: –

Source link


COVID-19 on Vancouver Island: Health officials to provide update after cases surge – CTV Edmonton



Victoria –

Health officials identified 204 new cases of COVID-19 in the Vancouver Island region over the weekend.

The cases were among 1,692 new cases found across British Columbia since Friday, including 644 cases on Saturday, 613 on Sunday and 435 on Monday.

There are currently 5,608 active COVID-19 cases in B.C., including 661 active cases in the Vancouver Island region, according to a statement from the B.C. health ministry.

Island Health data identified the locations of 558 active cases Monday, including 309 in the South Island, 203 in the Central Island and 46 in the North Island.

Eleven people in the province died from the disease over the weekend, including six deaths in the Fraser Health region, two in the Vancouver Coastal Health region and three in the Northern Health area.

Since the pandemic began, 1,899 people in B.C. have died of COVID-19, including 58 people in the Island Health region.

There are currently 27 people in hospital with COVID-19 on Vancouver Island, with 16 patients in critical care.

There are 21 active outbreaks at B.C. health-care facilities, including one on Vancouver Island.

On Sunday, Island Health declared a COVID-19 outbreak at a Victoria care home. Two cases of the coronavirus have been detected at the Victoria Chinatown Care Centre.

All 31 residents of the home are now being tested for COVID-19, as are staff members, the health authority said.

The last health-care outbreak on the island was at Sunset Lodge long-term care home in Victoria. It ended on Friday, after infecting 21 residents and 15 staff members, killing six residents.

Approximately 86.8 per cent of eligible British Columbians have now received one dose of a COVID-19 vaccine, while 79.4 per cent have received two doses.

The province has administered 7,711,306 doses of COVID-19 vaccine since it began its immunizing campaign in December.

Adblock test (Why?)

Source link

Continue Reading


U.S. Futures Gain as Stocks Rebound; Dollar Dips: Markets Wrap – Yahoo Canada Finance



(Bloomberg) — U.S. stocks followed European shares higher on Tuesday as traders reassessed risks from China’s crackdown on the real-estate sector and looked ahead to this week’s Federal Reserve meeting.

Most Read from Bloomberg

The S&P 500 and Nasdaq 100 gained, suggesting some improvement in sentiment after concerns about fallout from China Evergrande Group’s debt woes roiled markets Monday. Dip-buyers in the last hour of trading Monday helped the S&P 500 pare some losses, though the index still posted the biggest drop since May.

“You had a lot of pent-up worries all expressed in one day and some of them were perhaps a bit overwrought — there’s still a desperate search for return by investors and still very much a buy-the-dips mentality,” said David Donabedian, chief investment officer of CIBC Private Wealth Management.

The Stoxx Europe 600 index climbed more than 1%, rebounding from the biggest slump in two months, with energy companies leading the advance and all industry sectors in the green. Royal Dutch Shell Plc rose after the company offered shareholders a payout from the sale of shale oil fields. Universal Music Group BV shares soared in their stock market debut after being spun off from Vivendi SE.

Aside from worries over Evergrande’s ability to make good on $300 billion of liabilities, investors are also positioning for the two-day Fed meeting starting Tuesday, where policy makers are expected to start laying the groundwork for paring stimulus. Treasury yields ticked lower and the dollar was steady.

“So much of this information is already known that we don’t think it will necessary set off a wave of problems,” John Bilton, head of global multi-asset strategy at JPMorgan Asset Management, said on Bloomberg TV. “I’m more concerned about knock-on sentiment at a time when investor sentiment is a bit fragile. But when we look at the fundamentals — the general growth, and direction in the wider economy — we still feel reasonably confident that the situation will right itself.”

A Hong Kong gauge of real-estate firms steadied, after developers disputed a report of pressure from the Chinese government. Evergrande slid deeper in equity and credit markets. Concerns remain about broader contagion after S&P Global Ratings said the developer is on the brink of default. China’s markets reopen on Wednesday after holidays.

China’s property-sector upheaval — part of President Xi Jinping’s broader clampdown on private industries under his “common prosperity” initiative to reduce inequality — is adding to the risks confronting investors. These include stretched equity valuations and slower economic reopening due to the delta virus strain amid price pressures stoked by commodities. Markets are also digesting an outlook of reduced central bank policy support.

Elsewhere, Bitcoin slid for a third day in volatile trading, tumbling as much as 7.6% before bouncing back to around $43,000. Oil rebounded from two days of declines, while iron ore futures took a breather following Monday’s rout, though stayed below $100 a ton on China’s steel output curbs.

In Canada, Prime Minister Justin Trudeau won a third term in a snap election but fell short of regaining a parliamentary majority. The nation’s currency was among the best performers in the Group-of-10 basket.

Here are key events to watch this week:

  • Bank of Japan rate decision, Wednesday

  • Federal Reserve rate decision, Wednesday

  • Bank of England rate decision, Thursday

  • Fed Chair Jerome Powell, Fed Governor Michelle Bowman and Vice Chairman Richard Clarida discuss pandemic recovery, Friday

For more market analysis, read our MLIV blog.

Some of the main moves in markets:


  • The S&P 500 rose 0.5% as of 9:30 a.m. New York time

  • The Nasdaq 100 rose 0.5%

  • The Dow Jones Industrial Average rose 0.4%

  • The Stoxx Europe 600 rose 1%

  • The MSCI World index rose 0.5%


  • The Bloomberg Dollar Spot Index was little changed

  • The euro was little changed at $1.1733

  • The British pound was unchanged at $1.3657

  • The Japanese yen rose 0.2% to 109.25 per dollar


  • The yield on 10-year Treasuries was little changed at 1.31%

  • Germany’s 10-year yield declined two basis points to -0.34%

  • Britain’s 10-year yield declined one basis point to 0.78%


  • West Texas Intermediate crude rose 0.7% to $70.78 a barrel

  • Gold futures rose 0.5% to $1,773.30 an ounce

More stories like this are available on

Most Read from Bloomberg Businessweek

Subscribe now to stay ahead with the most trusted business news source.

©2021 Bloomberg L.P.

Adblock test (Why?)

Source link

Continue Reading


COVID booster use may be expanded, US health officials say – Al Jazeera English



FDA advisory body this week recommended coronavirus booster shots for people more than age 65 and those at high risk.

Top health officials in the United States have said broader approval of COVID-19 booster shots could be weeks away, after a Food and Drug Administration (FDA) expert advisory panel this week recommended a third jab for a limited segment of the population.

The director of the National Institutes of Health said the FDA panel’s decision on Friday to limit Pfizer COVID-19 booster shots to Americans age 65 and older as well as those at high risk of severe disease was a preliminary step.

In an interview on Fox News Sunday, Dr Francis Collins predicted more wide-ranging approval for most Americans “in the next few weeks”.

Collins said the panel’s recommendation was correct based on a “snapshot” of available data on the effectiveness of Pfizer’s two-jab regimen over time. But he said real-time data from the US and Israel continue to come in showing waning efficacy among more groups of people that will need to be addressed soon.

“I think there will be a decision in the coming weeks to extend boosters beyond the list that they approved on Friday,” said Collins, who also appeared CBS’ Face the Nation programme on Sunday.

Some rich nations, including the US and UK, are considering coronavirus booster shots amid a recent surge in cases linked to the highly contagious Delta variant.

But the World Health Organization (WHO) this month called for a moratorium on booster shots amid concerns about vaccine supplies to poorer nations, where millions have yet to receive their first jab.

A group of international scientists also said last week that even with the threat from the Delta strain, “booster doses for the general population are not appropriate at this stage in the pandemic”.

“Any decisions about the need for boosting or timing of boosting should be based on careful analyses of adequately controlled clinical or epidemiological data, or both, indicating a persistent and meaningful reduction in severe disease,” the scientists wrote in The Lancet medical journal.

Dr Anthony Fauci, who is US President Joe Biden’s chief medical adviser, on Sunday praised the FDA advisory board’s plan for covering a “good chunk” of Americans. But he stressed that “this is not the end of the story” based on data that was emerging and said the guidance would likely be expanded in the coming weeks to months.

People in the US who have received the two-dose Moderna vaccine or one-dose Johnson & Johnson vaccine are still awaiting guidance on possible booster shots.

“The actual data that we’ll get [on] that third shot for the Moderna and second shot for the J&J is literally a couple to a few weeks away,” Fauci told NBC’s Meet the Press programme.

“We’re working on that right now to get the data to the FDA so they can examine it and make a determination about the boosters for those people.”

The FDA will consider the advisory group’s advice and make its own decision, probably within days. The US Centers for Disease Control and Prevention (CDC) also is set to weigh in this week.

Adblock test (Why?)

Source link

Continue Reading