CSE cybersecurity centre’s new boss says job has been ‘dizzying’ experience of responding to multiple major cyber incidents

CSE cybersecurity centre’s new boss says job has been ‘dizzying’ experience of responding to multiple major cyber incidents


At the same time, Sami Khoury said CSE was trying to handle “a series” of ransomware software incidents, which it has often called one of the biggest cyber threats facing Canada.

Content of the article

The new head of Canada’s cybersecurity center says his first months at work have been a “dizzying” experience of responding to one major incident after another, including a hostile state cyberattack on a federal government department in the last few months.

Announcement 2

Content of the article

“The last eight months have been a somewhat dizzying experience of a series of cyber incidents and the management of all these cyber incidents,” said Sami Khoury, who was appointed head of the Canadian Center for Cyber ​​Security. of Communications Security (CSE) last August, to the public at the Cyber ​​UK conference on Wednesday.

“On the first day of labor, federal elections are called,” he began, noting that the government was suddenly responsible for defending the entire country at a time of particular interest to foreign states seeking to interfere in the Canadian affairs.

Then, just as the election ended, Newfoundland suffered a major cyberattack that paralyzed the province’s health care system for weeks and resulted in the theft of 200,000 files. This forced CSE to deploy a team to help the province essentially rebuild its computer systems, Khoury told conference attendees.

Announcement 3

Content of the article

Shortly afterwards, CSE struggled to help cyber defenders address a major vulnerability, known as Log4j, in an almost ubiquitous software library that hackers quickly attempted to abuse. At the time, it was described as one of the most critical vulnerabilities of the last decade.

At the same time, Khoury said CSE was trying to handle “a series” of ransomware incidents, which it has often described as one of the biggest cyber threats facing Canada at the moment.

In 2021, CSE reported 304 ransomware attacks, a 151% increase over the previous year, but this is likely to be a drop compared to the actual figure because the problem is still “very unreported.” he said.

Announcement 4

Content of the article

Khoury said that in early 2022, “we thought we would celebrate a quiet new year,” he told conference attendees.

But that hope was dashed by a “nation-state incident against one of our federal government departments” not previously revealed. He did not specify which hostile state was behind the attack, nor which department he was targeting.

The only known incident at the time was a major cyberattack on Global Affairs Canada (GAC) that was first detected on January 19th. The incident forced the department to close a series of internal programs for days and sometimes weeks to prevent further damage. .

In an interview after his panel (but before it was publicly available online), Khoury declined to say who was behind the GAC attack, but noted that it was a “sophisticated incident.”

Announcement 5

Content of the article

He also confirmed that there was no private or sensitive government information that was compromised or stolen during the GAC incident.

“We have not publicly come out with anything to indicate who is behind this,” he told the National Post.

Russia then launched its invasion of Ukraine, raising major concerns about the country’s growing attacks that appear repeatedly as a key hostile cyber threat to Canada. Khoury also spoke of “another incident we had to deal with,” but gave no further details.

The last eight months have taught me that it will be a busy few years

But despite fears of an impending cyber war with Russia since its invasion of Ukraine, the head of the Canadian Cyber ​​Security Center says Canadian organizations have been the target of Russian cybercriminals … yet he specified in an interview.

Announcement 6

Content of the article

“We haven’t seen anything in Canada that we can find a fingerprint that is Russia looking at Canada right now,” he said, noting that most of the country’s cyber attacks have focused on Ukrainian targets.

But “we want Canadian companies to be prepared for when this happens,” he added, “because the problem is serious and the threat is real.” “Russia is throwing everything away from the kitchen sink in the Ukraine conflict.”

But it is not because Canada is not directly targeted by Russia even though the CSE is not watching what it is doing in Ukraine and is using it as a warning of what might come here.

“In the first days of the Russian campaign, we saw that we saw them against the Ukrainian banks. We then posted a warning about trying to protect your web servers, “Khoury said.

Announcement 7

Content of the article

“Then we saw them flood the waves with misinformation and misinformation. And we published another newsletter with this information,” he continued.

“Then we saw them deploy very nasty and destructive malware in Ukraine,” he said. “It’s a bit of a cat-and-mouse game … Every time we looked at something in Ukraine, we turned around and updated the Canadian guide or customized it a bit.”

Khoury says the last few months have been so intense for cyber defenders across the country that he now worries that they may burn slowly.

“I’m concerned about the level of energy … and our pace. There are humans who handle these cyber incidents and it’s important to make sure our computers have some time to breathe, to catch their breath,” he said. to say.

“The last eight months have taught me that these will be very busy years. We are not out of work. It will keep us busy, “he said.

Announcements

Comments

Postmedia is committed to maintaining a lively but civil discussion forum and encouraging all readers to share their views on our articles. Comments can take up to an hour to moderate before appearing on the site. We urge you to keep your comments relevant and respectful. We’ve enabled email notifications – you will now receive an email if you receive a response to your comment, there is an update to a comment thread you are following, or if a user is still commenting. Visit our Community Guidelines for more information and details on how to adjust your email settings.



Source link

Related post

EDUCAUSE 2022: How Data Collection Can Improve Student and Faculty IT Support

EDUCAUSE 2022: How Data Collection Can Improve Student and…

At Indiana University, Gladdin said, to make life easier for students and faculty, they implemented a course template for the Canvas…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…

Leave a Reply

Your email address will not be published.