Tag Archive for: Canadian

New owner of Canadian ransomware negotiating firm expands its mandate


Two of Canada’s best known names in cybersecurity are teaming up again, this time to lead a firm specializing in post-breach remediation.

Daniel Tobok and Ed Dubrovsky, formerly the founder and managing director respectively of the Toronto-based incident response firm Cytelligence, are now behind Cypfer, which is moving from focusing on ransomware negotiations into post-incident recovery consulting.

Both men left Cytelligence recently, after staying with that firm following its acquisition in December, 2022 by insurance and consulting giant Aon plc.

Early last month Tobok announced he had bought Toronto-based Cypfer. A few weeks later he announced that Dubrovsky has joined the company as managing director.

Dubrovsky has led international security consulting practices as well as being a chief information security officer (CISO) and chief operating officer.

“We’re about recovery post-breach,” Tobok said in an interview from Miami, where he now makes his home.

“There’s a very big gap in the market today. When companies get breached, nobody is assisting them to get up and running after an incident. Our whole strategy is to build the largest global organization that will handle post-breach remediation.”

Cypfer has 52 employees in Toronto. Tobok hopes to soon add 30 in Miami, which he said has become a big tech hub. He also plans to open offices in Europe, the Caribbean and South America.

“Florida has about six major universities,” he said, “with very robust cybersecurity programs. That’s one of the reasons we chose Florida as a base. Miami is also great because we can get international flights. New York is extremely expensive.”

Cypfer founder and president Jason Kotler will stay with the company as president. Dubrovsky will be responsible for strategy, execution, innovation and growth.

“Once somebody gets breached … their biggest problem is, when they recover, to make sure their data is secure so they don’t get re-infected with ransomware, their credentials are not compromised and they can actually operate properly,” Tobok said. “That’s been a very big problem in the industry because people can re-install software, they can re-install hardware but…


GiveSendGo back online after hack targeting Canadian ‘Freedom Convoy’ protests


(RNS) — Controversial Christian crowdfunding website GiveSendGo is back online after being hacked over the weekend, with digital attackers leaking the names and emails of people who donated to the ongoing protest against pandemic restrictions in Canada spearheaded by truck drivers.

GiveSendGo addressed the hack in a tweet Tuesday morning (Feb. 15), saying the website was “attacked by malicious actors attempting to eliminate the ability of its users to raise funds.”

“GiveSendGo has a dedicated team aggressively focused on identifying these malicious actors and pursuing actions against their cybercrime,” read the statement.

The hackers targeted contributors to the so-called Freedom Convoy protest that has halted traffic at some U.S. border crossings, ground parts of Ottawa to a halt and spurred Canadian Prime Minister Justin Trudeau to activate emergency powers in an effort to shut down the demonstration. The catalyst for the protest, which arrived in the country’s capital in late January, was Trudeau’s requirement that truckers quarantine if they are unvaccinated and cross the U.S.-Canada border.

Although Canada is one of the most vaccinated countries in the world — including most of its truckers, according to Trudeau — the protest has grown into a broader symbolic pushback against all pandemic restrictions, including masks, lockdowns and vaccine mandates.


The demonstrators initially used the more mainstream fundraising website GoFundMe for their efforts, quickly accruing millions of dollars. But GoFundMe took down the donation page in early February, saying it violated the site’s terms of service.

The move outraged many conservatives in the U.S. but spurred demonstrators to utilize GiveSendGo, which has actively promoted the protest fundraiser. The shift to the Christian website, in turn, quickly encountered resistance: Last week, a Canadian judge issued an order halting access to funds housed in the website, and the Canadian government has warned it will freeze the bank accounts of truckers who continue to form blockades.

GiveSendGo noted in its statement that no money was stolen…


Canadian ‘cyberterrorist’ sentenced to prison over NetWalker ransomware attacks


A Canadian man dubbed a “sophisticated cyberterrorist” by an Ontario judge has pleaded guilty in a series of NetWalker ransomware attacks on 17 Canadian entities, admitting to participating in extortion that resulted in nearly $3 million in losses and drew in millions more in cryptocurrency.

In what’s believed to be the largest of its kind in Canada — a complex case where stores of data were stolen, then held for ransom to be paid in bitcoin — Gatineau man Sebastien Vachon-Desjardins pleaded guilty in a Brampton court last week to a series of crimes called “extreme and significant” by a judge, including extortion and participating in a criminal organization.

“He is a sophisticated cyberterrorist who preyed in an organized way with others on entities in educational, health-care, governmental, and commercial sectors,” said Ontario court judge G. Paul Renwick in a Feb. 1 ruling, calling the losses in the case “monumental.”

A former Canadian government IT employee, Vachon-Desjardins “excelled at what he did,” Renwick wrote — that is, breaching private computer networks and systems, hijacking their data, holding it for ransom, then distributing it if he wasn’t paid.

“He played a dominant, almost exclusive, role in these offences and he assisted NetWalker and other affiliates by improving their ability to extort their victims and disguise their proceeds,” Renwick wrote, sentencing Vachon-Desjardins to six years and eight months in a federal penitentiary.

Vachon-Desjardins’ participation in NetWalker — a group of cybercriminals who attack targets using sophisticated ransomware — first made headlines last year when the U.S. Department of Justice announced charges against him as part of an international probe into the cyber attacks. U.S. authorities alleged he’d illegally obtained more than $27.6 million.

Ransomware is a form of malicious software, or “malware,” that can encrypt a victim’s files and allow an attacker to seize control of their data. Cybercriminals then hold the data for ransom, demanding payment, typically in cryptocurrency, in exchange for restored access to the files, threatening to leak the data if no payment is received.


Thousands of Canadian websites offline over cybersecurity threat


Eric Caire, Quebec’s minister of digital transformation, said the province has since been working to identify which websites are at risk, one by one, before putting them back online. Graham Hughes/The Canadian Press

Amid warnings from Ottawa of a global online security issue, Quebec said Sunday that it has shut down almost 4,000 government websites as a preventative measure after receiving a cyberattack threat.

At a news conference, Quebec’s minister of digital transformation said the province was made aware of the threat on Friday and has since been working to identify which websites are at risk, one by one, before putting them back online.

“We’re kind of looking for a needle in a haystack,” Eric Caire said, in Quebec City, “Not knowing which websites use the [affected] software, we decided to shut them all.”

He added, “Once we make sure the system is operational, it gets back online.”

Mr. Caire said the provincial vaccine passport system was never at risk, saying it doesn’t require the software that has been the focus of attention.

Canada Revenue Agency goes offline as a precaution, citing global ‘security vulnerability’

Defence Minister Anita Anand said the federal government is aware of a “vulnerability” in a software product called Apache, “which has the potential to be used by bad actors in limited and targeted attacks.”

Ms. Anand said in a statement Sunday that the Canadian Centre for Cyber Security is calling on Canadian organizations of all types to pay attention to this “critical, internet vulnerability affecting organizations across the globe.”

The centre leads the government’s response to cybersecurity events, combining expertise from Public Safety Canada, Shared Services Canada and the Communications Security Establishment (CSE) to work with private and public sectors.

Asked for more details on the reference to Canadian organizations of all types, the CSE said Sunday that it was referring to small, medium and large organizations/enterprises, but did not provide any further details.

The Canada Revenue Agency said Sunday that it became aware on Friday of a security vulnerability.

“As a precaution, we proactively decided to take our online…
