Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news
Weekly CyberTip: Beware of boarding pass scams
With the summer travel season approaching, keep in mind that the barcode on your airline boarding pass contains sensitive information. Make sure not to leave it behind on the plane and shred it when you no longer need it. Treat your boarding pass with the same level of care as you would with your passport.
Sunwing Breach Causes Days-Long Chaos
Nearly a week since being hit with a cyber breach that caused flights to be grounded and travellers stranded, Sunwing Airlines is finally back on a regular flight schedule.
“We’re happy to share that our flight schedule has returned to normal,” the company posted April 22 on its Twitter page. “Thank you again to our valued customers for your patience and understanding as we worked through these disruptions.”
But Sunwing also warned its customers that check-in times and passenger processing may be slower than usual in the coming days as it readies to fully relaunch its passenger handling system.
Sunwing has apologized for the delays, which it says are the result of a data security breach affecting Airline Choice, its third-party provider of passenger handling systems.
Canada, U.S. Among Nations Establishing International Cybersecurity Rules
Canada, the U.S. and five Asian nations are joining forces to establish international data protection and privacy rules.
The group, which includes Japan, Taiwan, the Philippines, South Korea and Singapore, have created the Global Cross-Border Privacy Rules (CBPR) Forum and are hoping more countries will join. The goal is to bridge different national regulations into a consolidated cross-border approach.
Ultimately there would be an international certification system created by the Asia-Pacific Economic Co-operation (APEC) group that would help companies show compliance with internationally recognized data privacy standards.
“With this unique approach founded on creating practical compliance tools and based on co-operation, we can make the digital economy work for consumers and businesses of all sizes alike,” said U.S. Commerce Secretary Gina Raimondo in a statement.
In addition, Canada’s government intends to introduce new legislation that will consider stakeholders’ comments on the former Bill C-11 and help advance Canada’s Digital Charter, which aims to strengthen consumer privacy.
Calgary Police Say Cybercrime Up 174% Since 2017
Calgary police say cybercrime incidents in the city have increased a staggering 174 per cent between 2017 and 2021.
But those are just the reported incidents. Police estimate only five to 10 per cent of all cybercrime is brought to the attention of law enforcement.
The Canadian Federation of Independent Business (CFIB), a national organization that represents more than 9,000 businesses in Alberta alone, says it’s hearing from business owners who are more worried than ever about cyberattacks.
“Businesses are talking about it more,” said CFIB’s senior director of marketing partnerships Mandy D’Autremont to the CBC. “They’re now looking to what they can do to protect themselves.”
Part of the problem, according to John Zabiuk, chair of the cybersecurity program at the Northern Alberta Institute of Technology in Edmonton, is the lack of cybersecurity professionals.
“We just don’t have the people able to backfill the positions required to meet the demand of countering those cyberattacks,” he said.
But Zabiuk adds it’s not just an Alberta-based issue, it’s a global problem with millions of job vacancies worldwide.
“That leaves the whole area of cybersecurity untapped in terms of people getting into that profession,” he said.
Five Eyes Issues New Russian Cybercrime Warning
A new alert issued by The Five Eyes, the intelligence alliance comprised of Australia, Canada, New Zealand, the United Kingdom and the United States, is once again warning organizations about Russian state-sponsored cybercrime targeting critical infrastructure.
The alert provides detailed information on the cybercriminal groups allegedly working in conjunction with the Russian government, as well as guidance on how to mitigate risk. The cybersecurity recommendations include:
– Updating software, including operating systems, applications and firmware on IT network assets.
– Enforcing muti-factor authentication.
– Providing end-user awareness and training.
The alert also provides contact information within each Five Eyes country for reporting a cybercrime incident.