Cybercrime backlog ‘a significant risk’ to RCMP, internal audit warns
By The Canadian Press - Tuesday, January 29, 2013 - 0 Comments
OTTAWA – Rising cybercrime has left the RCMP program that investigates everything from child…
OTTAWA – Rising cybercrime has left the RCMP program that investigates everything from child pornography to online fraud with a backlog that poses a serious risk to its work, says a newly released audit.
The internal audit of the RCMP’s technological crime program found a backlog of requests to analyze computing devices — potentially crucial pieces of evidence — at all five program units the reviewers visited.
“All program managers are concerned that the number of requests for assistance and devices being analyzed by the (program) has been increasing year after year,” says the audit report.
“This was identified as a significant risk to the program.”
The auditors called for “immediate attention” to address the backlog.
-
Fighting cybercrime
By Luiza Ch. Savage - Wednesday, December 26, 2012 at 7:10 AM - 0 Comments
As the U.S. attempts to bolster its cybersecurity legislation, will Canada be called on to take part?
Carolyn Kaster/AP
The revelation that Iranian nuclear centrifuges were sabotaged by the computer worm Stuxnet—reportedly a covert U.S.-Israeli intelligence operation—is unnerving Western security policy-makers who say it is only a matter of time before cyberwar is turned against North America. Will hackers shut down the electrical grid, sending millions into darkness? Could a foreign agent remotely sabotage a pipeline carrying natural gas or crude oil, causing an environmental disaster?
American lawmakers want to encourage U.S. government agencies to share intelligence about potential threats with private sector companies (who own and operate most of America’s critical infrastructure), and to compel these firms to be more forthcoming about their own vulnerabilities. The issues are complicated: government regulations could prove onerous and costly, and could become quickly obsolete. Companies worry that identifying vulnerabilities could lead to legal liability and higher insurance costs. Civil libertarians also worry that allowing government greater leeway to monitor Internet traffic in search of malicious software could lead to privacy violations. Earlier this year Republicans blocked proposed legislation in the Senate that would have created merely voluntary standards (House Republicans are now talking about drafting their own bill next year, but plans remain vague). Meanwhile, there is speculation that President Barack Obama will weigh in with an executive order this month, in an attempt to fill the void left by congressional paralysis.
-
LulzSec quits via Twitter
By macleans.ca - Monday, June 27, 2011 at 1:24 PM - 0 Comments
Endorses hacking contemporary, ‘Anonymous’
LulzSec—the notorious hacking group responsible for breaching government and corporate security systems—called it quits on Saturday, PC World reports. The group relayed a message to its 281, 870 Twitter followers, saying that their hacking operations were finished, before releasing private data obtained in the last two months from the CIA, U.S. Senate, Sony, and AOL. LulzSec encouraged followers to shift their attention to former rival hackers, Anonymous, who are also implicated in the Sony PlayStation Service hack that occurred earlier this year.
-
An IP address is not a person
By Jesse Brown - Tuesday, April 26, 2011 at 5:08 PM - 5 Comments
‘Skooky840′ is a good neighbour; he or she doesn’t lock their WiFi. When my Internet connection is out, I hop on theirs until I get things sorted. I’m not sure why they don’t protect their signal with a password. Maybe they can’t figure out how to. Maybe they can’t be bothered. Or maybe, like some folks I know, Skooky840 leaves their signal open to be polite, as a courtesy to neighbours like me. As long as we don’t abuse it and run up their bills, hey- why not? I’d love to thank Skooky840 for making my life a little easier and our street a little friendlier, but I don’t know who they are. A WiFi signal, like the Internet Protocol (IP) address associated with it, is not a person.Try telling the cops that. If I were to abuse my neighbour’s politeness and/or carelessness (and if I were a criminal and/or creep) then this might happen: Skooky840 might be swarmed by a SWAT team in their own home because a predator hijacked their hospitality.
When a crime is committed online, tracking it to an IP address is a good place for police to start their investigation, much like how tracking a gun to the person who registered it is a good and obvious way to embark on a murder investigation. But it’s just a start. One Internet connection might be shared by different people who might live in different homes. If the signal is not password protected, any stranger walking or driving by could potentially have committed the online crime. If I were intent on committing a crime online, that’s probably how I’d do it. Alternatively, if I were the least bit afraid of being accused of a crime linked to my own connection, I might choose to remove password protection in order to gain plausible deniability—if my WiFi is open to the world, I guess it could have been anyone! Of course, even if I use a password, it still could have been anyone—millions of computers are infected with botnets that allow third parties from any part of the world to access the Internet through someone else’s IP address, often without the host’s knowledge.
Of course, the Internet is still relatively new, and there are plenty of dumb criminals out there who won’t take any of these easily available precautions to cover their tracks. Track a child porn download to its IP address, and there’s a good chance that the perpetrator will be physically nearby. But for how long? And as criminals become more technically savvy, will the police, laws and courts evolve as well?
At some point, seizing the computer of someone because they’ve had access to an implicated IP address will be sloppy policing, and a violation of privacy to boot.
-
FBI carries out cyber sting
By macleans.ca - Thursday, April 14, 2011 at 4:39 PM - 1 Comment
Massive botnet is infiltrated by U.S. cyber crime fighters
The FBI has zeroed in on some 2.3 million computers that made up a ‘botnet’—a network of infected or ‘zombie’ computers. Using never-before-used methods, investigators took control of the network to shut down malware—malicious software—logged IP addresses of compromised PCs, and then reported those addresses to Internet service providers (ISPs). That means that if your PC was used by this network, your ISP has been made aware and should notify you. The botnet was infected with malware which can record keystrokes, allowing criminals to take over computers and steal passwords, banking, and credit card information. The U.S. Justice Department had to seek court permission to carry out this method, as privacy experts had questioned its legality.
-
The coffee shop hackers
By Cameron Ainsworth-Vincze - Thursday, November 25, 2010 at 10:40 AM - 2 Comments
Going online in a public place is becoming increasingly risky
Getty Images
Enjoying free Internet access in a public place is a luxury many Canadians take for granted. Coffee shops, for instance, are famous for providing free WiFi hookups, enabling patrons to check their email and browse social networks like Facebook. Yet going online in a public place is becoming increasingly risky, as a new type of tech trickery is being employed by criminals to access your private information, and even hijack your online persona.
