Alberta gets a new privacy commissioner, Apple traffic briefly runs through Russia and more.
Welcome to Cyber Security Today. It’s Monday, August 1st, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Today is a civic holiday in many Canadian provinces — and it’s Colorado Day in that state — so thanks for tuning in.
The province of Alberta gets a new information and privacy commissioner today. Diane McLeod, who worked in the commissioner’s office before becoming Yukon’s ombudsman and information and privacy commissioner, takes over from Jill Clayton. Clayton served two five-year terms. Just before leaving office Clayton released a report last week analyzing 11 years of commission decisions. In the year that ended May 1st, 2021 there were 377 reports of breaches of security controls in Alberta companies involving personal information that could cause a real risk of significant harm to individuals. By comparison there were only 50 reports in the year that ended May 1st, 2010.
The leading cause of reported data breaches during those 11 years was IT systems compromised by things like the installation of malware, exploitation of vulnerabilities and hacking. They accounted for 37 per cent of breaches. The second leading cause was theft of physical documents, laptops or portable storage devices. The third leading cause was transmission errors, which are things like misdirected emails or faxes. The fourth leading causes were social engineering and phishing. One more interesting number: It’s taking longer for Alberta-based organizations to discover data breaches. Last year it took an average of 139 days. The year before it took 119. Part of the reason, says the report, is that compromised systems aren’t immediately detected. Another is that it can be hard to determine the exact date an account was compromised.
Internet traffic of some Apple users ran through Russia for 12 hours last week. That’s the finding by an internet routing agency called MANRS for short. The traffic was redirected to the Rostelecom network. Was this a conspiracy? Was it a tactic in the Russia-Ukraine cyber war? Commentators at the SANS Institute, an IT training provider, say we shouldn’t ascribe malice to something that could be explained by a simple typo. They also say the incident is another reason why end-to-end encryption should be used for all communications. MANRS also says it shows why Apple, and other network providers, should use Route Origin Authorizations to make sure internet traffic goes to where it’s supposed to go.
Some computer users in the United States continue to be upset that they’re getting targeted ads relating to their medical conditions. And they’re blaming Facebook parent Meta. Last month an individual filed a class action lawsuit against Meta and two California medical institutions, alleging their health information had been captured from hospital websites in violation of federal and state laws by Meta’s pixel tracking tool. The lawsuit comes after the news site The Markup did a big report on the Meta Pixel found on a number of U.S. hospital websites. In California, as in many jurisdictions, class action lawsuits have to first be certified by a judge before proceeding. The news site HealthcareDive.com notes that in 2017 a class action lawsuit against Facebook for allegedly collecting and using health data for targeted ads without people’s permission was dismissed. That decision is being appealed.
A U.S.-based marketing platform called OneTouchPoint used by a wide number of health insurers and medical providers has acknowledged suffering a cyber attack in April that encrypted some files. Some news media are calling it a ransomware attack. OneTouchPoint can’t say exactly what personal data was accessed by the hacker but it could include a patient’s name and health assessment information. Thirty-five organizations including Blue Cross insurance providers in several states, the Humana health insurance company and the Kaiser Permanente healthcare provider have been notified.
Finally, GitHub is strengthening the security on its open source NPM JavaScript repository. It began last week with an improved two-factor authentication process. Now developers can publish from the same IP address without having to enter a second factor confirmation every five minutes. In addition, developers can link their GitHub and Twitter accounts to their NPM accounts to help verify an account holder is who they say they are. Finally, a new process is available for more secure digital signing of NPM packages to prevent code from being tampered with. Coming soon, as previously announced, will be the enforcement of two-factor authentication for developers whose accounts have more than 1 million weekly downloads.
That’s it for now. Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.