Home Ottawa

The most interesting DDoS ever?

Those of you outside of Canada may not have been following this
story, but you might want to as this one seems to have it all:
  • Accusations of police ineptitude and overreach
  • Listening devices
  • Claims and counter-claims concerning Anonymous
  • Twitter sparring
  • Social engineering
  • Multiple DDoS attacks
  • Bureaucratic boilerplate statements aplenty

The abbreviated story goes something like this…

 
  • An Ottawa teenager is charged with 60 offences related to
    ‘swatting’ various targets across North America.
  • Hacker claims to have proof that said teen is innocent – identifies another as the culprit. 
  • Hacker contacts family of the accused and the media.  Listening devices apparently discovered at suspects home. 
  • Hacker takes down city, police and court websites to bring attention to the case. 
  • Officials assure the public that no data has been breached, but that hacker managed to get password from service provider via phone. 
  • Hacker continues to post via social media, promising proof. 
  • Father of the accused now says he is a ‘person of interest’ in the case.
We’ve seen hundreds of ddos attacks in the news over the years,
and thousands of them in the security community.  They usually aren’t all that noteworthy and barely get a second glance.  The attacks in Ottawa and Canada over the past couple of weeks are rather unique, however.  You can catch up on the saga via:
Ottawa police, Supreme Court websites shut down after possible hack
Hacker threatens Toronto cops and city website
Anonymous denies involvement in hacks
Ottawa hackers drop affiliation with Anonymous; warn of more attacks
Hackers Have Kept the Ottawa Police Website Offline for Seven Days
Teen at centre of hacking confrontations set for trial June 16

DND Move to Nortel Questioned Again

Nortel Ottawa
Nortel Ottawa (Photo credit: Wikipedia)
In 2010, it was announced that the future home of Canada’s Department of National Defence was going to be at the old Nortel Networks complex, in Ottawa.  Many voiced a concern over the cost of renovating the Nortel campus, estimated at over $600 million on top of the $200 million purchase of the land. The security of the campus was also a major concern for the new owners according to recent DND briefing documents. Now the location choice has again come into question over recent findings lurking in the building.
A new report by the Ottawa Citizen reveals that electronic listening devices were found at the former Nortel campus.  This report also disclosed that Defence Minister Peter MacKay was warned that the DND moving into the complex before it could be properly secured created a major problem. Keith Murphy, CEO of Defence Intelligence said “There are more than enough problems with the proposed move already. Drastic budget increases, questionable benefits, unsubstantiated savings forecasts, and now the inherent security of the location itself. This might just be the final nail in the coffin for the proposal.”
Though it is unknown if the devices are still functioning or even transmitting, this could be the problem that the briefing document was referring to. DND spokeswoman Carole Brown said in response to the recent discovery that “The DND/CAF must maintain a safe and secure environment at all of its facilities, in order to maintain Canada’s security posture at home and abroad” but it hasn’t been stated if the persons who discovered the devices were even from the DND. Another unanswered question is whether the devices were intended to spy on DND or were remnants of espionage against Nortel. “While we don’t know with certainty of any active campaign targeting DND” said Murphy, “we do know that the site was compromised for over a decade while Nortel was the primary tenant.”
Hackers allegedly based in China, using malware and stolen credentials, carried on a decade-long campaign of stealing technical papers, R&D reports, employee e-mails, and other sensitive documents from the network company. Some believe that the former Canadian technology giant went bankrupt because of the Chinese hackers. Brian Shields, the former senior systems security adviser at Nortel, stated in an interview with CBC’s As It Happens that spying by hackers “absolutely” was a “considerable factor.” 
What happened to Nortel isn’t an isolated incident in Canada.  In January 2011, CBC News ran a story, foreign hackers attack Canadian government. Computer systems at 3 key departments were penetrated, including access to highly classified information at the Finance Department, Treasury Board, and Defence Research and Development Canada. So why take the chance with moving Canada’s Department of National Defence into a site that has already been compromised?

“DND told CTV News it may abandon the move, and sources said it’s unlikely any other department would take over the former Nortel site because of the security risks.”
The full CTV story with the Keith Murphy interview can be found at www.ctvnews.ca.

Related articles

Enhanced by Zemanta

Google Places for Business Scam

Business Registry Center, with a post office box in Montreal, is calling businesses and non-profits offering to list them with Google Local Business Listings, now known as Google Places Business.  For the listing that is free with Google, they are charging $499.  A rip-off perhaps, but maybe not too bad?  It gets worse.

CBC News Story
CBC News Video

www.businessregistrycenter.com
Telephone: +1-888-416-7472

Address:
6228 Saint Jacques, 
Suite 417, 
Montreal, QC H4B 1T6

From the user agreement found on their site:
 Although never mentioned in any of the phone calls, the user agreement states that you are signing up for two years of service at the spectacular rate of over $5, 500.00.  The user agreement is apparently binding, even if you’ve never been to their site to read it.

You authorize them to charge any card that “they are aware or become aware of”.
In case you don’t follow their terms or even threaten to do so:

So what do you get for your $5,500.00? Well, pretty much what you get for free with Google.

The earliest activity I can find dates back to September of 2012.  Here is one of the dozens of complaints on 800notes.com.  It seems they finally moved from disks to the cloud. http://800notes.com/Phone.aspx/1-888-774-9902

And finally, what I can only assume is a sister site at www.onlineregistrycenter.com.  Different theme, but the content is identical.  
This “office” is located at a UPS store in MN.  

Telephone: +1-888-311-0262
Fax: +1-866-929-0748
Address:
1043 Grand Avenue, 
Suite 145, 
Saint Paul, MN 55105.

The Second Annual Women in Security Lecture Series

Last night we had the pleasure of being a diamond sponsor and attending the second annual Women in Security Lecture series at the Hampton Inn and Conference Centre in Ottawa. The event had a relaxed business casual atmosphere with everyone talking about security. We appreciated hearing the different points of view and opinions from the panel and conversations on the current and future state of security.

Students from RMC at the event – Winners for best dressed
One of the speakers that really stood out for us was Lisa Gordon-Hagerty. Her extensive background in security in the corporate and government sector made her extremely interesting to hear from.  She touched on the fact that hackers, malware writers, and botmasters all work together sharing information and technologies. This allows them to constantly be a step ahead of the organizations they’re attacking.

“She’s been on both sides of the fence and very much believes in having the government and corporate entities work hand in hand to develop better security policies, to share information on different events and act as a collective unit to better combat cyber security,” says Mohamad Haidara of Defence Intelligence.

Mohamed Haidara and his cinnamon hearts.

There were lots of interesting ideas and discussion around the need for transparency among organizations and the need for organizations to learn from each other’s mistakes and leverage different strengths to secure their networks.

One key point was how current security tools are becoming obsolete. There needs to be a new tool or system brought in to help secure the networks of organizations.

Speakers and panel members for the night included:

LISA GORDON-HAGERTY, MPH – Founder and CEO, LEG Inc

DJENANA CAMPARA – President and CEO of KDM Analytics; Author of System Assurance: Beyond Detecting Vulnerabilities (2011)

DR. ALISON WAKEFIELD – Senior Professor in Security & Risk Management at the Institute of Criminal Justice Studies, University of Portsmouth;

NATALIE RUNYON, MBA, CPP – Director, Global Security, Thomson Reuters; Owner of CSO Leadership Training

CHRISTINA DUFFEY, CPP – Vice President, Operations, Paragon Security

SYLVIA FRASER, CPP, PMP, CRM, CSPM (Moderator) – Corporate Security Supervisor, City of Toronto, currently overseeing the Business Strategies and Risk Management Office

We are pleased to sponsor such a quality event for security executives in the Ottawa area. It was a great night filled with excellent discussions and we’re looking forward to next year’s event.

By Sarah Raphael

The Intern’s Security Practices Part 2: Links and Software

 As Defence Inteligence’s intern, I decided to survey my class at Algonquin College to find out how they protect themselves from digital threats. Here is the next section of the survey results on links and software.

To start, I asked if my classmates open links on various social media sites and in emails. Here is what they said:

Some of these results could be off because they may not have an account on LinkedIn or Twitter. Since all students have an e-mail address and the majority have a Facebook account as well, it’s not surprising that they have the highest percentage. I will open links on any of those platforms if I recognize the sender and it’s something they normally do. This is how I fall into the 67 per cent that open links from known sources.

With that said, I don’t open every link received from someone that I know. I read the text around the link and check Google for any warnings. This habit saved me from a virus spread through Twitter where you received a message from a friend saying they found a picture of you. When you clicked the link it gave you the virus. With 80 per cent of the students saying they don’t open messages that are just a link, it looks like when it comes to links they have an idea of how to act securely.

It surprised me to find that only 65 per cent of the students admitted to downloading music or movies through sharing and torrents. I’m definitely guilty of this from time to time, especially when it comes to movies.

Moving on to software, we wanted to know when students decide to update their software.

It’s interesting to note that one student wrote on the survey that that they check to see how important the update is.

The most surprising results for the survey was that 82 per cent of students said that they don’t have antivirus software on their phones. I would be curious to see how many are iPhone or Andriod users. As an iPhone user I’m not sure I have any antivirus software.

“People fail to realize that their phone is a computer and should be treated as such,” said Keith Murphy Defence Intelligence CEO.

Similarly 35 per cent of students don’t have antivirus software on their computer or laptop, and 22 per cent don’t know if they have any. This was a shock to both Murphy and myself.

“If they don’t know whether they have AV, it’s safe to assume that they don’t,” said Murphy.

With this news, it’s no surprise that 22 per cent admit to discovering a virus on their computer. Of the 43 per cent of the students that have antivirus software on their computer or laptop, 17.5 per cent use McAfee, 12.5 per cent use Symantec/Norton, two per cent use Windows Essentials, seven per cent use Avast, and five per cent use a different type of software.

Stay tuned for our last post concerning the security attitudes of the students.

By Sarah Raphael

The Intern’s Security Practices Part 1: Passwords

Being the newest addition to the Defence
Intelligence team and having recently been introduced to the world of security,
I’ve been learning some best practices and adjusting my Internet usage habits.
Over the past few weeks I’ve learned that some of my habits, especially when it
comes to passwords, could use some improvement.
We decided to survey a class of first year
public relations students at Algonquin College, in Ottawa, to see how my
practices compared to theirs. The majority of the class is female with an
average age of 21.
We found that 90 per cent of the students
use the same password for multiple accounts. Personally I use different types
of passwords for different types of accounts. I use the same passwords for
social media accounts, another password for my e-mail, and a separate one for
my online banking. I find it difficult to use a different password for
everything because I use a lot of social media sites.
“It’s interesting that this generation has
been called digital natives yet their security practices are very poor. By
using the same password on multiple accounts they are trading their personal
information and security for convenience,” says Keith Murphy the CEO of Defence
Intelligence.

Fifteen per cent of the students said they
change their passwords frequently. For the next survey we will need to define
how often ‘frequently’ is. I only change my passwords if the site prompts me to
or I need to reset my password because I forgot it. I was surprised that 77 per
cent of the students use passwords that have more than eight characters. I tend
to use the minimal allowable amount of characters when I create passwords. I
think that the school’s password standard is seven characters, which could be
why some students are using longer passwords.
With only 45 per cent recording their
passwords in a safe place I’m not surprised that their passwords are changed
often. I’ve trouble finding a place to store passwords. When I discussed this
with Murphy, he said that the best practices were to use encrypted storage or
to write them down. He also recommended to avoid saving passwords in the
browser and on your computer.  The
following article from lifehacker
is very helpful outlining some common mistakes and best practices.  You can also see our tips here.
The following chart shows the type of
characters the students are using to create their passwords:
I’m not surprised that the majority of the
students use upper and lowercases, those are fairly common. What surprises me
is that there is a significant drop when it comes to the use of numbers,
special characters, and punctuation. I didn’t start using special characters
and numbers until Google, Apple, and other sites started showing you the
strength of your password.
In the next blog post we will discuss the
survey results concerning the use of links and security software. 

By Sarah Raphael

Enhanced by Zemanta

Start Your 2013 Learning and Connecting

Photo image thanks to Keerati at FreeDigitalPhotos.net
Is one of your resolutions for 2013 to remain
current with security information and connected with security professionals? Then
one event you’ll want to include in your schedule is the Canadian Security
Partners’ Forum’s second annual Women in Security Lecture Series. The event will
be hosted in Ottawa, ON at the Hampton Inn and Conference Centre on Thurs Feb 7
at 5:30PM.
The CSPF is committed to creating a meeting place
for all disciplines and domains within security, including national security,
defence, law enforcement, public sector, private sector and public safety. Last
year more than 300 in the security profession came out, with almost an even
split of women (55%) and men (45%).
The confirmed speakers list includes:
  • Dr. Alison Wakefield
  • Senior
    Professor in Security and Risk Management at the Institute of Criminal Justice
    Studies, University of Portsmouth
  • Director
    of the Academic Board at the Security Institute
  • Serves
    on the editorial boards of Security Journal and Police Practice and Research
  • Her
    influential publications on criminology and law enforcement include: Selling
    Security: The Private Policing of Public Space; The
    Sage Dictionary of Policing; and Ethical
    and Social Perspectives on Situational Crime Prevention 

Natalie Runyon, MBA, CPP
  • Director,
    Global Security, Thomson Reuters
  • Owner
    of CSO Leadership Training
  • Member
    of the ASIS CSO Roundtable and its Leadership Development Committee
  • Former
    Illicit Transactions Analyst for the Office of Global Security, Goldman Sachs
    with the Central Intelligence Agency

Christina Duffey, CPP
  • Vice
    President, Operations, Paragon Security
  • Former
    President, ASIS Professional Certification Board (PCB)
  • Recognized
    expert in the security field with extensive security operations knowledge and
    expertise in asset protection, physical security, and risk management

Sylvia Fraser, CPP, PMP, CRM, CSPM (Moderator)
  • Corporate
    Security Supervisor, City of Toronto – which requires Sylvia to oversee the Business
    Strategies and Risk Management Office
  • 14
    years of experience in the security industry providing security management,
    security system designs and project management across both government and
    private security endeavours
  • Specializes
    in security risk management programs, portfolio management, and critical
    infrastructure

Providing
closing comments to this exemplary list of presenters is Colleen D’Iorio,
Executive Director, Security and Identity Management (Treasury Board of Canada
Secretariat). Previously she held the distinguished roles as Director General
Access and Director General Cyber Protection Communications Security Establishment of Canada
(CSEC).

Defence Intelligence is proud to be a Diamond Level Sponsor for  CSPF’s Women in Security Lecture Series. We hope to see you there. 

Tickets, which include a full meal, are only $70.
Register today, this event is sure to sell out.
For more details and to register visit: http://cspfwomeninsecurity2013.eventbrite.ca/

Enhanced by Zemanta

CSPF Announces Second Annual Women In Security Lecture Series

The Canadian Security Partners’ Forum (CSPF) is preparing
their second Women in Security Lecture Series to be held Feb 7, 2013. Building
on the momentum of last year’s sold-out-event, CSPF will be hosting the event
at the Hampton Inn, Ottawa, ON. With tickets going on sale just a week ago and nearly
150 tickets already being sold, it looks like they will have another sell out on their hands.  
The main premise of CSPF is to build strong networks and
the Lecture Series is no different. CSPF has partnered with firmly established
and recognized associations including Canadian Women in Technology (CanWIT),
ASIS Women in Security Council, Women in Security Ontario (WiSO), and Key Women
in Security (KeyWIS).
The Lecture Series is dedicated to women in security
mainly as a tribute to the associations that are part of the Series, but the
event is open to both women and men. Last year 45% of attendees were men.

The
CSPF has been mapping the needs of the cybersecurity and security communities
to build out a comprehensive agenda for the Lecture Series. 
Key topics being
covered at the event include:
  • Cybersecurity
  • Security Risk Management
  • CSO/CISO Training & Education
  • Security & Academia
  • The relationship between security & intelligence
  • Security as a driver of shareholder value
  • Summarizing
    relationship between national security & corporate security

The panel was
specifically selected to represent depth of knowledge as well as breadth of
experience. They will bring their extensive knowledge and compelling experience
(National Security Council, US Department of Energy, Central Intelligence
Agency) to make the discussions both informative and practical.

The list of
elite presenters includes:
LISA GORDON-HAGERTY, MPH 
    – Founder, CEO, LEG Inc. 
    – Named to Fortune Magazine’s Most Powerful Women
in 2004, 2005 & 2006 
    – Served on the White House National Security
Council (NSC) as Director for Combating Terrorism 
    – Former Director, Office of Emergency Response, US
Department of Energy 
    – Former Acting Director, Office of Weapons Surety,
responsible for the safety and security of the American  
      nuclear weapons program 
DJENANA CAMPARA 
    – President and CEO of KDM Analytics; 
    – Author of System Assurance: Beyond Detecting
Vulnerabilities (2011) 
    – 25+ years of experience and leadership in
software and security engineering 
    – Board Member for the Object Management Group
(OMG), an international standard body 
    – Co-Chair, OMG Architecture-Driven Modernization
Task Force and System Assurance Task Force 
    – Member of the SAS Technical Advisory Panel of
National Institute for Standards and Technology (NIST) 
For more
information and to register visit: http://cspfwomeninsecurity2013.eventbrite.ca/

Enhanced by Zemanta