Tag Archive for: Toronto

Ransomware group apologizes for attack on SickKids hospital | Cybersecurity News



Toronto posts new request for private security firm to ‘patrol and monitor’ parks – Toronto


The City of Toronto is once again petitioning for private security companies to patrol its parks and investigate “possible attempted encampments, safety hazards and criminal activity.”

The new posting comes after an attempt in May to find a company to provide security at municipal parks failed.

The city came under fire from some earlier this year when it put out a request for proposals (RFP) to find private security firms to prevent encampments in parks.

That RFP failed to draw qualified bidders, the city said, with two companies given short-term, non-competitive contracts to provide the service.

Read more:

Toronto looking at hiring private security at major parks to prevent encampments

During the spring, the city awarded two short-term contracts to patrol parks including Trinity Bellwoods Park, Lamport Stadium Park, Alexandra Park and Dufferin Grove.

Story continues below advertisement

“The current parks security contracts with Logix Security Inc. and Valguard Security Inc. for $500,000 each began on April 13, 2022, and are temporary interim contracts to provide parks security until the contract associated with the RFP can be awarded,” a spokesperson for the City of Toronto said.

Amid the COVID-19 pandemic, large encampments formed across parks in Toronto as homeless people said they felt the shelters weren’t safe and feared contracting the virus.

Lamport Stadium and Trinity Bellwoods were both sites that saw many structures and tents. The City of Toronto was criticized for the tactics police officers used to clear the encampments.

Read more:

Toronto planned encampment clearing operation for months, built profiles of residents

An RFP for security services to patrol city parks closed on May 30, 2022, but none of the bidders met Toronto’s criteria, the city said.

The new RFP, posted on Wednesday, says Toronto is looking to retain a company that will offer security guard services at parks around the city.

Toronto feared 35,000 citizens’ data would be made public after cyberattack: documents


The City of Toronto expected metadata concerning some 35,000 citizens to be posted on an online forum run by Eastern European cybercriminals after a data breach earlier this year — but ended up escaping the worst, new documents obtained by CTV News Toronto show.

Some six months after an internal city agency sounded the alarm in confidential documents, the information has yet to be shared publicly and the city says it never received a ransom request, leading some cybersecurity experts to wonder if the city escaped what has been described as a massive spree of cyberattacks. 

“It looks like they failed. The silence is somewhat deafening,” said cybersecurity expert Claudiu Popa. “Maybe the attacker failed to get what they wanted and didn’t have the leverage to extort this particular victim.”

The attack on Toronto was one among thousands of remote, sometimes automated attacks seeking to get data, and then threaten to expose it or destroy it unless handsome sums are paid, often in digital currency.

Ontario’s Information and Privacy Commissioner says cybercriminals are increasingly targeting public agencies, warning breaches are up 151 per cent in 2021 — with 39 public institutions attacked this year in Ontario.

“Hackers are taking advantage of the current public health crisis, and cybersecurity incidents are on the rise,” a spokesperson for the agency said.

The City of Toronto threat assessment, obtained through a Freedom of Information request, describes the attack in January of 2021 as happening through a “zero day” weakness in the city’s Accellion file transfer system.

Hackers known as “CLOP” discovered the weakness in the file transfer system at that time and used it to exploit a large number of organizations, including the Region of Durham.

CTV News Toronto has already shown that those attackers gained and then posted health and schooling data of tens of thousands of individuals, as well as a video of the arrest of a young man by Toronto police on a Durham Region transit bus.

The document appears to link the Toronto attack for the first time publicly to CLOP, which is believed to be a network operating out of…

Source…

Toronto Transit Commission still recovering from ransomware attack


IT staff at the Toronto Transit Commission (TTC) were still dealing with the effects of a ransomware attack on Saturday afternoon, approximately 40 hours after suspicious network activity was detected.

Asked if the TTC has determined how the attack started, and identified the strain of ransomware involved, Shabnum Durrani, head of corporate communications said, “We are still looking into the situation.”

She stressed that the impact on the bus and subway service of the nation’s biggest transit system so far has been minimal, although its Vision communications system used to communicate with drivers, has been knocked offline. Operators have been forced to communicate with Transit Control with radios.

In addition, those needing to use the Wheel Trans van service for transit can’t book online. Instead they have to phone to reserve pickup.

Also offline is the TTC ‘next vehicle’ information service, which displays when the next bus or subway train will arrive on platforms and on trip planning apps.

The TTC’s internal email service is also offline. Durrani couldn’t say if the attackers were able to copy emails of employees, nor could she said if any corporate data was copied. These issues are still being investigated, she said.

Durrani also wouldn’t say if the TTC has been in contact with the attackers. “I cannot comment on that at this time,” she said.

When asked if the TTC has brought in more IT resources to help investigate and restore service, she said the commission is working with other partners, and on the question of whether the Ontario government has been asked for help, she responded that “all levels of government are aware of the situation. We are working with the Toronto Police.”

She added, “The TTC has business continuity plans in place, but as you know, cyber attacks are evolving very quickly.”

Not the first attack on a transit system

A number of transit systems have been impacted by ransomware in recent years, noted Brett Callow, a British Columbia-based threat analyst for Emsisoft. These include British Columbia’s TransLink which was hit with a $7.5 demand late last year.

In 2016 San Francisco’s transit system was hit by ransomware,…

Source…