Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news
Weekly CyberTip: Consider a password manager
Still relying on your memory or sticky notes to track your account credentials? Then you may be in the slowly shrinking minority of people still using this insecure method of security, according to a recent survey by Security.org (discussed in more detail below). Memorization can often lead to using simpler passwords, and writing passwords down is risky and inefficient. Consider using a password manager – which will enable you to use unique, long and strong passwords to secure your personal information – coupled with additional security protection in the form of multi-factor authentication.
Survey: Password manager adoption increases 60% in 2023
In a report released September 13, researchers at Security.org discuss their findings from their third annual assessment of password use. Based on a survey of over a thousand American online account holders, this year’s report revealed several interesting trends:
- use of password managers rose to about 33% from just 20% in 2022.
- free tools built into Google and Apple products account for about half of the password manager market
- 28% of password manager users reuse their master passwords for other services, a particularly risky practice, and a slight increase of the 25% mark in 2022
- about 30% of those surveyed (only slightly down from 32% in 2022), confessed to writing their passwords down in order to remember them
These statistics suggest that, while things are moving slowly in the right direction, more work must be done to raise cybersecurity awareness and educate the general public.
Services nearly restored after third-party cyber attack affects The Weather Network
A September 11 cyber attack on Pelmorex Corp., the parent company of TheWeatherNetwork.com and its French-language counterpart MétéoMédia.com, has nearly been resolved, according to a September 16 update on the Pelmorex website.
The initial incident on the unnamed service provider compromised affected The Weather Network and MétéoMédia weather data systems only, with most services being restored by September 16. One key feature that remains unavailable is the push notification service. According to a statement by Karen Kheder, the Pelmorex director of communications and administration, users should refer to alerts that “can be found on our Storm Centre page until our push notification functionality is back up and running.”
Kheder emphasized that the “Alert Ready” system, which issues emergency warnings to mobile phones and on broadcast media when a tornado or major thunderstorm is imminent, was not affected. Pelmorex runs the “Alert Ready” systems for federal and provincial governments using its own in-house technology independent of the third party compromised in the incident.
CCCS responds in wake of DDoS attacks on government websites
On September 15, The Canadian (CCCS) issued an alert advising that it “has been aware and responding to reports of several distributed denial of service (DDoS) campaigns targeting multiple levels within the Government of Canada, as well as the financial and transportation sectors.”
The attacks are linked to the Russian-affiliated hacktivist organization NoName057(16), which has been actively engaged in launching DDoS attacks against western institutions and companies since March 2022. The websites of several federal departments and at least five Canadian provinces and territories (Manitoba, Saskatchewan, PEI, Yukon, and Nunavut) have been affected at various times since September 12, with the highest traffic seen on September 14.
The alert urges IT professionals and managers to:
- Review perimeter systems to determine if related activity has occurred;
- Review and implement preventative actions outlined within the Cyber Centre’s guidance on protecting your organization against denial-of-service attacks; and
- Review the Cybersecurity and Infrastructure Security Agency (CISA) published guidance for US agencies to aid in DDoS considerations including technical mitigation recommendations in responding to DDOS activity
ISA Cybersecurity is available to advise and support you with these measures if you need assistance.
Canada-U.S. water rights commission confirms cyber attack
The International Joint Commission – the cross-border authority that manages water rights along the Canada-U.S. border has confirmed that it was targeted in a cyber attack earlier in September. The statement from the IJC provided no details on the nature of the incident or what services may have been affected; however, the ransomware gang “NoEscape” has listed the IJC as a victim on their dark web portal. In an alleged double-extortion ransomware attack, “NoEscape” claims to have accessed some 80Gb of data, compromising over 50,000 confidential files like contracts and legal documents, personal details of employees and members, financial and insurance information, and geological files.
Coincidentally, CISA recently offered free cyber vulnerability scanning for U.S. water utilities, detailed in an August 24 announcement.