Cybersecurity News: Canadian breaches increase, new China backdoor, kinetic warfare threat

Cybersecurity breaches more than double among Canadian businesses

A report released on June 13 by CDW Canada, in partnership with International Data Corp. Canada, is based on a survey of more than 500 people involved in IT security, risk and compliance. Respondents counted fewer cyberattacks in the 2023 report than in the 2022 report (344 compared to 419), but the number of breaches, including unauthorized removal of data or files, increased 130 per cent to 30 from 13. DDoS attacks also rose to 30 in the 2023 report from 11 in the 2022 report.

(CTV News)

China-based hacking group has new backdoor tool, researchers say

A Chinese cyber-espionage group known as Nickel or APT15 deployed a previously unseen backdoor in its recent attack on foreign affairs ministries in Central and South America, according to researchers from Symantec, reporting on Wednesday. A campaign that ran from late 2022 into early 2023 saw hackers targeting “a government finance department and an unnamed corporation as well as the foreign affairs ministries.” The group used a diverse collection of tools, “including the recently developed Graphican backdoor, which is an upgrade from the previously used Ketrican backdoor.”

(The Record)

Cyberattacks on OT, ICS lay groundwork for kinetic warfare

Attacks on operational technology (OT) and industrial control system (ICS) environments could enable the development of kinetic weapons with physical effects, said Chris Dobrec, vice president of product marketing for Armis, speaking at Infosecurity Europe on “The Future of Cyberwarfare” this week. Referencing Stuxnet, Havex, and Colonial Pipeline among others, Dobrec described how such attacks can have a kinetic effect and can harm humans. He stated that 24% of respondents to his company’s research said they were not prepared to handle the effect of these kinds of attacks, even though 76% believe they have appropriate controls in place. Citing the attacks on Ireland’s Health Service Executive last year, he predicted that there will be more attacks on healthcare organizations in particular in the future, as well as on utilities and transportation.

(Dark Reading)

Exploit released for Cisco AnyConnect bug giving SYSTEM privileges

Cisco last Tuesday released security updates to address a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client) that can let attackers elevate privileges to SYSTEM. The company said its Product Security Incident Response Team (PSIRT) “did not have evidence of malicious use or public exploit code targeting the bug in the wild.” Cisco Secure Client helps people to work remotely through a secure Virtual Private Network (VPN) and also provides admins with telemetry and endpoint management features.

(Bleeping Computer)

36% of government IT does not have a documented disaster recovery plan

A recent report by Arcserve reveals several weaknesses that can pose additional challenges for government departments as they battle ransomware and seek to recover data. The findings in the report show that “36% of government IT departments do not have a documented disaster recovery plan, along with other low numbers surrounding comprehensive business continuity plans that include recovery, interim solutions and communication, backup and recovery solutions, and the overall agreement as to whose responsibility it is to recover data and applications in public clouds.” The survey was conducted in Australia, New Zealand, Brazil, France, Germany, India, Japan, Korea, the United Kingdom, the United States, and Canada.

(Security Magazine)

ICEFALL vulnerability disclosed affecting Schneider tool

Following up on a story we brought you exactly one year ago, researchers have disclosed a vulnerability within OT tools made by Schneider Electric. This final bug is being announced as part of a set collectively known as OT:ICEFALL that was released on June 22, 2023. This vulnerability affects Schneider’s ION and PowerLogic power meters, “which provide power and energy monitoring tools to organizations in the manufacturing, energy, water and wastewater systems sectors.” Identified as CVE-2022-46680, with a CVSS score of 8.8 out of 10, this is a high-severity flaw that allows hackers to “gain access to credentials that would help them change configuration settings or potentially modify firmware.”

(The Record)

DuckDuckGo browser for Windows available for everyone as public beta

Search tool DuckDuckGo has released a Windows browser as a beta version. It promises to “protect users from third-party tracking, targeted advertising, search query logging, and profiling.” It is loaded with default data protection and security enhancements and is described by DuckDuckGo as “just a fast, lightweight browser that makes the Internet less creepy and less cluttered.”

(Bleeping Computer)

Japan’s digital ID card gets emergency review amid data leaks

An emergency review of Japan’s digital ID cards has been ordered by the prime minister, citing glitches and data leaks that threaten the government’s digital services program. The “My Number” card is “a unique identification for all Japanese residents and is necessary to access some government services.” The cards are equipped with NFC chips and are intended to be used as an authentication-as-a-service offering that private businesses can use, as well as a replacement for health insurance cards. Japanese media are also reporting that people with similar names are receiving incorrect cards.

(The Register)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.