Many of us are concerned about global surveillance and unnecessarily intrusive government powers. But there is an even bigger danger lurking around the corner: Insecure IoT devices are being turned into cyberweapons. Causing widespread Internet disruptions is easier than ever.
You can read more in my column this week.
A grey Global 9300 Series Lateral Filing Cabinet (9336-5-05) was ordered from Grand and Toy on April 9, 2016 and the AMEX card was charged on April 14, 2016. Despite multiple requests, and several days of “investigation”, Grand and Toy has been unable to locate, deliver, or provide an ETA for the missing filing cabinet. Please help!
Updated 21 April 2016: Grand and Toy have located and delivered the filing cabinet, and their management have been in touch. They are looking into what went wrong and how their process can be improved.
This week the 2014-15 Annual Report of the Communications Security Establishment Commissioner was tabled in Parliament. The report was submitted in June 2015 to then Minister of National Defence Jason Kenney, but suspiciously not tabled prior to the election. The incoming Liberal government inherited the report and tabled it.
Jim Bronskill’s piece for CP, “Canada’s electronic spy agency broke privacy law by sharing metadata, watchdog says,” appears well substantiated by the report. However, it is important to note that this appears to have been an isolated incident with minimal privacy consequences.
Next week, in my column for IT in Canada, I’ll be looking at the larger issue of oversight and what Parliament should do to protect Canadians.
In my column this week I wrote about padlocks and parallels with cybersecurity. One of the many things I enjoy about writing is talking to companies about their products. When I started on the article, I reached out to several padlock manufacturers including Master Lock, Abus, and Abloy. Surprisingly, none of them would talk about their products to a security columnist!
In my quest for an expert quote, I stumbled across Pacific Lock Company. I had never heard of them, but as it turns out they’re one of the few independent lock companies left in North America, and possibly the world. Greg Waugh, President of the family-owned business, was happy to talk and sent me a few sample locks.
As I wrote in my article, “I was pleasantly surprised with the quality and value of PACLOCK products. Their 90A aluminum padlock with a 6-pin rekeyable cylinder sells for less than US $20 and is clearly superior to most similarly-sized padlocks on the market. Alternating spool and serrated pins make them as pick resistant as pin-tumbler locks gets. With the potential exception of a skilled locksmith willing to spend half an hour picking it, this lock will only be removed by destroying it.”
According to the Identity Theft Research Center (ITRC), in the United States there were 780 publicized data breaches in 2015 that exposed 177,866,236 records. That doesn’t include undetected breaches or those that targeted intellectual property instead of personal data.
Here in Canada we don’t know how many breaches occurred and what the practical impact of the breach notification requirements in the Digital Privacy Act will be.
The one thing we do know for certain is that the ITRC numbers represent the tip of the iceberg. This week, in my column for IT in Canada, I’ll discuss five things ever business should do to reduce the likelihood of a breach.