Following up on my year-end review of 2020 story, here are some of the biggest cybersecurity-related news stories of 2020 I couldn’t squeeze into that piece. Most are Canadian, but some are of enough significance that they are included here. The list might have been longer but a number of companies whose names were posted by ransomware groups refused to confirm if they were hit and their data copied:
- Evidence emerges that ransomware is scooping up every credential on a victim’s network;
- Canadian-based PlanetDrugsDirect.com, which sold prescription drugs online, announces a security incident, hasn’t been online since;
- Security researcher Jason Coulls discovers two open accounts with application source code, internal user names and passwords, and private keys belonging to Rogers Communications. No customer data was found. Later in the year Rogers notified customers that one of the companies it deals with left a database open with Rogers subscribers’ addresses, phone numbers and email addresses;
- The Canadian Association of Defence and Security Industries (CADSI) says Ottawa should follow the lead of other countries and work more closely with the private sector
- An IBM report says configuration mistakes caused the bulk of stolen records last year;
- I wrote a number of stories about women in cybersecurity. One that stood out was that only one woman applied for anIS position at Hamilton’s McMaster University. Another was my interview with Microsoft’s Diana Kelly about sexism in the industry.
- BlackBerry researchers reported that China-affiliated groups have been infiltrating Linux systems for years;
- The Canadian Internet Registry Authority (CIRA) launched a free DSN firewall for consumers;
- A decade’s worth of decisions of the Nova Scotia Workers Compensation Board Appeal Tribunal was posted on a Canadian legal news website with personal information of claimants. They were supposed to be edited beforehand to remove the info;
- Canadian e-learning website OneClass may have jeopardized the privacy of thousands of students by not properly securing a database of subscriber information;
- After a cyberattack on Canada’s Royal Military College, a threat group posts files allegedly from the institution;
- The U.K. government does a turnaround and bans telecoms in the country from having any equipment from China’s Huawei on their wireless networks;
- Staff may have improperly accessed personal info of users of Toronto-based Wattpad, a story publishing website, the company says;
- BlackBaud, a U.S. based cloud-based provider of services for nonprofits, schools, healthcare organizations, faith communities, arts groups and corporations in five countries including Canada, says data stolen in a ransomware attack may have included unencrypted customer information;
- Six members of Russia’s military intelligence unit have been accused by the U.S. of being behind some of the biggest known cyberattacks, including the NotPetya wiper, which caused over $1 billion in losses around the world, and malware that twice knocked out power to large parts of Ukraine;
- Sophos told customers that it learned from a security researcher of “an access permission issue in a tool used to store information on customers who contacted Sophos support. The exposed information included customer first and last names, email addresses, and in some cases a phone number.
Other Canadian organizations we wrote about in connection with incidents included Bird Construction, the government of Prince Edward Island; the B.C. district of Squamish, the Telus-owned wireless carrier Koodo; Ontario retailer the Beer Store; the Chartered Professional Accountants Canada ; Brookfield Residential Properties; the College of Nurses of Ontario; Ottawa-based e-commerce platform Shopify; steel manufacturer Stelco; post-secondary institute Saskatchewan Polytechnc; the city of Saint John, N.B.; and Calgary energy firm Parkland.