Tag Archive for: Canada

TikTok faces national security review in Canada: minister

/in


TikTok faces national security review in Canada: minister

by AFP Staff Writers

Ottawa (AFP) Mar 15, 2024






Canada is conducting a national security review of Chinese-owned TikTok’s proposed expansion of the popular video app in this country, Industry Minister Francois-Philippe Champagne said Friday.

In a teleconference from Italy after meeting with his G7 counterparts, Champagne said the review under the Investment Canada Act had been quietly initiated in September 2023.

“We have launched a national security review (of TikTok),” he told reporters.

“Once we have completed that,” he said, “we’ll inform Canadians about any actions that we decide to take with respect to that particular topic.”

“I’ll have more to say when our review is completed,” the minister added without saying when that would be.

Champagne noted a March 2023 announcement that foreign investments in Canada’s interactive digital media sector would face “intense scrutiny.”

Those found to be “propagating disinformation or manipulating information in a manner that is injurious to Canada’s national security” could face mitigation measures or even a ban, according to the policy statement.

The Canadian review is not related to a proposed US bill that would force its Chinese owners to sell or see it banned in the United States.

That bill is partly fuelled by concerns over Chinese national security laws that compel organizations to assist with intelligence gathering.

TikTok is a wholly owned subsidiary of Chinese technology firm ByteDance Ltd.

“We’re watching, of course, the debate going on in the United States,” Prime Minister Justin Trudeau said Thursday after the US House of Representatives passed the bill, which still needs approval from the Senate.

Ottawa banned TikTok from federal government mobile devices in February 2023.

Related Links

Cyberwar – Internet Security News – Systems and Policy Issues

Source…

Xenomorph malware now targets banks and crypto apps in Canada, other regions

/in


Security researchers at cybersecurity company ThreatFabric discovered a new campaign leveraging the ‘Xenomorph’ malware on Android.

The campaign targets people in the U.S., Canada, Spain and other regions, and Xenomorph uses overlays that look like various financial institutions to steal peoples’ banking credentials. It also targets cryptocurrency wallets.

Bleeping Computer reported on ThreatFabric’s findings, offering a brief overview of Xenomorph’s history since it appeared in 2022. The malware has gone through a few revisions, and the newest campaign using it tries to get it onto devices by tricking people into downloading a fake Chrome update. A pop-up warns people that they’re using an outdated version of Google Chrome and encourages them to update the browser. However, if people tap the pop-up’s update button, it installs the Xenomorph malware instead.

The main takeaway for Android users should be to avoid installing Chrome updates — or anything for that matter — from a website pop-up. For the vast majority of Android users, updates from Chrome and other apps will come via the Play Store and only the Play Store.

Once installed, ThreatFabric says Xenomorph uses ‘overlays’ to steal information. The malware comes loaded with roughly 100 overlays targeting different sets of banks and crypto apps depending on the targeted region.

Moreover, the recent versions of Xenomorph include new features to enhance it. That includes a  ‘mimic’ feature that gives the malware the ability to act as another application. Mimic includes a built-in activity called ‘IDLEActivity,’ which can act as a WebView to show legitimate web content. These capabilities replace the need for the malware to hide icons from the app launcher after installation, behaviour that can be flagged as suspicious by security tools.

Xenomorph also has a ‘ClickOnPoint’ feature that allows the malware’s operators to simulate taps on specific parts of the screen. That allows operators to move past confirmation screens or perform other simple actions without triggering security warnings.

The last new feature researchers found was an ‘antisleep’ tool to prevent a device from…

Source…

Canada cyber centre issues alert after government DDoS attacks

/in


Distributed denial of service attacks against the websites of federal departments and several Canadian provinces and territories — including PEI, Yukon, Saskatchewan and Manitoba — have prompted the federal cyber agency to issue an IT alert.

Since September 13, the Canadian Centre for Cyber Security has responded to several DDoS campaigns targeting multiple levels within the Government of Canada, as well as the financial and transportation sectors, the alert says.

It doesn’t attribute the attacks, but suggests the cyber centre knows. Publicity is part of what the DDoS attackers seek, “and why we avoid referencing the malicious actor,” the alert says.

Open-source reporting links some of this activity to Russian state-sponsored cyber threat actors whose tactics, techniques, and procedures have been extensively documented, the centre says. In July 2022, the centre predicted Russian state-sponsored cyber threat actors would almost certainly continue to perform actions in support of the Russia’s attack on Ukraine. In Februrary centre reported DDoS attacks on countries that support Ukraine.

“There are relatively simple ways to protect against this kind of campaign,” says the centre. “In most cases, this activity can be managed by standard cyber defence tools. But organizations should consider help from third-party DDoS solutions to ward off significant and focused activity. And once the actors stop the malicious activity, websites go back to normal.”

A DDoS campaign uses a collection of infected computers operating as a botnet to flood a target website’s server with internet traffic and disrupt its ability to provide services.

In most cases, the centre says, this nuisance activity can be managed by on-premises solutions. “However, assistance from third-party DDoS solutions should be considered to prevent significant and focused malicious activity. Websites will commonly return to a normal state of operation once the actors have stopped the malicious activity.”

The centre recommends IT leaders

IT leaders should also review and implement the Cyber Centre’s Top 10 IT Security Actions, particularly recommendations to consolidate, monitor, and defend internet…

Source…

Embassy of China in Canada Issues a Statement on U.S Cyber Espionage Campaigns Against Japan

/in


I just came across to a statement issued by the Embassy of China in Canada on the U.S cyber espionage campaigns launched against Japan.

What’s so special about this statement? First it does quite Wikileaks which is a bit of an outdated approach including the actual source to shed more light into a bigger problem and issue for China that the press statement on the Web site of the Chinese Embassy in Canada mentions. In this specific case the statement implies the use of the so called “hunt-forward” missions which could really mean big trouble for China if the U.S somehow manages to secure a deal with a neighbouring country next to China which could really mean big trouble for China as the U.S will then attempt to establish the foundation for a successful cyber attacks and possibly information operations interception campaigns used managed and operated by China including its partners and allies where to ultimate goal would be to measure their true capabilities and set the foundation for a successful cyber situational awareness campaign in terms of cyber attacks and the true state of China’s true cyberspace operations and cyber attack capabilities including the capabilities of some of its neighbouring countries.

The so called Hunt Forward Operations also known as (HFOs) are an early warning system for cyber situational awareness that could improve the true state of the visibility of the actual country that’s doing these missions in this specific case the U.S could really learn a lot about new tactics and techniques courtesy of the attackers based in the specific country where it’s hosting its mission which could be really bad news for China in terms of having the U.S deploy hunt forward missions in its neighbouring countries where the U.S could really get a better picture of China’s understanding and actual applicability of basic cyber warfare principles and concepts in action including the “know-how” of its neighbouring countries.

Despite the fact that the U.S is willing to share its knowledge and understanding of cyber attacks “know-how” with the host country of a hunt forward mission it could also learn a lot about the cyber attacks that originate from the…

Source…