Discover how Canadian businesses are rapidly adopting cloud infrastructure to drive growth, reduce costs, and enhance operational resilience. Explore the key benefits of cloud adoption and how it empowers companies to innovate and thrive in uncertain times.

In recent times, Canadian companies have been known for their cautious approach towards adopting cloud technology, maintaining a traditional mindset year after year. However, a recent report by Forrester suggests that the global trend is strongly leaning towards cloud, with the public cloud market projected to exceed $1 trillion (USD) worldwide by 2026.

In Canada, there has been a gradual shift in mindset over the past few years. A study conducted by IDC in 2016 revealed that only a small percentage of Canadian businesses considered themselves as digital disruptors, while the majority fell into the categories of digital resisters or digital explorers.

ITWC’s research further supported this observation. Annual surveys conducted between 2018 and 2021 asked Canadian business leaders about their intentions regarding leveraging IT infrastructure and applications in the upcoming 12-24 months. The percentage of those considering cloud adoption showed a slow increase from 30% in 2018 to 38% in 2021.

However, a remarkable transformation occurred in ITWC’s 2022 survey. When business leaders were asked about their projections for the next 12 to 24 months, the percentage favoring cloud as the preferred infrastructure model jumped to 59% from the previous year’s 38%.

This significant shift indicated a change in perception, with nearly six out of ten Canadian business leaders now recognizing cloud as a crucial delivery mechanism. The events of 2020, where companies had to quickly establish hybrid offices, could have contributed to this change, although some attribute it to the inherent caution often associated with Canadian business culture.

As we enter 2023, it appears to be the year when cloud technology will truly become the preferred infrastructure delivery vehicle for Canadian businesses. Organizations are now following the successful examples of early cloud adopters in Canada, the United States, and worldwide.

Business leaders who participated in ITWC’s survey highlighted several benefits of cloud adoption amid uncertain times. These advantages include reduced technology infrastructure costs, increased productivity, improved operational resilience, and a decrease in security incidents.

Individually, these benefits are impressive, but collectively they paint a more compelling picture. Companies that embrace cloud technology and implement it effectively are experiencing faster time-to-market and enabling their employees to focus more on innovation by relieving them of day-to-day operational burdens.

Stay informed about recent cybersecurity incidents, breaches, and vulnerabilities impacting organizations and individuals. Discover the importance of proactive security measures and best practices to protect sensitive data from malicious actors.

In today’s digital landscape, the threat of cybersecurity breaches looms larger than ever before. Recent incidents and vulnerabilities have highlighted the need for organizations and individuals to remain vigilant in protecting sensitive data and systems from malicious actors. This article explores several noteworthy cybersecurity events, shedding light on the potential risks and emphasizing the importance of proactive measures.

Android Spyware Alert: Malicious Apps Detected

Android smartphone users have been alerted to a new strain of malware infecting over 100 apps. Dubbed “SpinOk” by cybersecurity experts, this spyware module operates discreetly in the background, enabling various malicious activities. While many of the infected apps have been removed from the official Play Store, some may still pose a threat to unsuspecting users. It is crucial for Android users to remain cautious when downloading apps and to promptly delete any suspicious or unnecessary applications.

Some of the involved apps that have been found to have this type of spyware include:  Noizz, a video editor with music,  Zapya, an app to easily transfer and share files, the video editing apps vFly and MVBit, Biougo, a video maker and editor, a game app called Crazy Drop,  Cashzine, an earn money rewards app, the offline reading app Fizzo Novel, CashEM, a rewards app, and Tick, another earn rewards based on watching videos.

Gmail Security Warning: Flaw in Verification System

Google, the provider of the widely used Gmail service, recently issued a security warning to its massive user base. A critical flaw was discovered in Gmail’s new checkmark system, designed to identify verified organizations and aid in detecting potential scams. However, hackers successfully bypassed this security feature, raising concerns about the overall security of Gmail. Google is actively working to address the issue, emphasizing the constant battle between security enhancements and the ever-evolving tactics employed by hackers.

JBS Cybersecurity Failings: Vulnerability in the Food Processing Industry

The 2021 ransomware attack on JBS, a major food processing company, highlighted a significant vulnerability within the industry’s cybersecurity practices. A recent evaluation revealed that JBS’s cybersecurity infrastructure was lacking compared to its peers. The complex and interconnected nature of food processing systems, often reliant on outdated control systems and connected devices, presents an attractive target for hackers. The challenge lies in the cost of updating and fortifying these systems to meet modern cybersecurity standards, making it a crucial but often neglected investment.

Intellihartx Data Breach: Exposing Personal Health Records

Earlier this year, Intellihartx, a company responsible for handling patient healthcare information, fell victim to a devastating ransomware attack. The breach resulted in the compromise of nearly half a million individuals’ personal data, including names, addresses, dates of birth, and Social Security numbers. This incident underscores the critical need for robust cybersecurity measures within the healthcare industry and the importance of vetting vendors to ensure their cybersecurity practices meet stringent standards.

The incidents and vulnerabilities discussed in this article serve as stark reminders of the ever-present cybersecurity risks faced by individuals and organizations. It is imperative to prioritize proactive security measures, including vendor vetting, system updates, and user vigilance. By staying informed and taking appropriate precautions, we can collectively mitigate the threats posed by cybercriminals and safeguard our digital world.

Stay protected with Microsoft’s latest Patch Tuesday updates for June 2023, addressing major security vulnerabilities in the Windows operating system and software components. Discover the critical flaws, the closure of zero-day bugs, and the top fixes that enhance your system’s security.

In its commitment to ensuring robust security measures, Microsoft has released a series of essential fixes as part of the Patch Tuesday updates for June 2023. These updates encompass the Windows operating system and various software components, addressing major security shortcomings and fortifying system defenses against potential threats.

Critical Flaws and Vulnerabilities:

Among the 73 flaws addressed in the updates, Microsoft has classified six as Critical, highlighting their potential severity. An additional 63 flaws are rated as Important, followed by two classified as Moderate, and one as Low in severity. Notably, the Patch Tuesday updates also encompass the resolution of three specific issues in the Chromium-based Edge browser, further enhancing its security features.

Eliminating Zero-Day Vulnerabilities:

Microsoft’s dedication to proactive security measures is evident as they have also successfully resolved 26 flaws in the Edge browser since the release of the previous Patch Tuesday updates in May. These flaws, all rooted in Chromium, include the notable zero-day bug CVE-2023-3079. Initially disclosed by Google as being actively exploited, Microsoft promptly addressed this vulnerability, reinforcing the resilience of its products.

A Definitive Progress:

The June 2023 updates mark a significant milestone, as it is the first time in several months that no zero-day flaw has been publicly identified or reported under active attack during the time of release. This achievement underscores Microsoft’s relentless efforts to enhance the security posture of its products, providing users with a safer computing experience.

Key Fixes and Enhancements:

Leading the list of critical fixes is CVE-2023-29357, a privilege escalation flaw in SharePoint Server. The exploitation of this vulnerability could enable attackers to gain unauthorized administrator privileges. Microsoft emphasized that an attacker with access to spoofed JWT authentication tokens could execute network attacks, bypass authentication, and exploit the privileges of authenticated users, without requiring any additional privileges or user interaction.

In addition, the updates include the resolution of three critical remote code execution bugs (CVE-2023-29363, CVE-2023-32014, and CVE-2023-32015) within the Windows Pragmatic General Multicast (PGM) component. These vulnerabilities, with a CVSS score of 9.8, had the potential to enable malicious actors to execute remote code and initiate various unauthorized activities.

Furthermore, Microsoft has addressed two remote code execution bugs affecting Exchange Server (CVE-2023-28310 and CVE-2023-32031). These vulnerabilities, once exploited by authenticated attackers, could result in the execution of arbitrary code on affected systems, underscoring the importance of promptly applying the updates to ensure system integrity.

Microsoft’s Patch Tuesday updates for June 2023 deliver a significant boost to system security by addressing critical flaws, eliminating zero-day vulnerabilities, and fortifying key software components. By promptly remedying these security shortcomings, Microsoft continues to demonstrate its commitment to safeguarding user systems and data.

Organizations worldwide, both large and small, are falling victim to a mass exploitation of a critical vulnerability in a widely used file-transfer program. The attacks, carried out by the Russian-speaking Clop crime syndicate, have resulted in data breaches at prominent companies and government agencies. Despite the relatively small number of confirmed breaches, security experts warn that the exploitation is widespread and rapidly spreading, affecting banks, government agencies, and various targets across different industries. This article delves into the details of the attacks, the impact on affected organizations, the nature of the vulnerability, and the potential for further victim disclosures and extortion attempts.

This exploitation, initiated during the Memorial Day holiday as a zero-day vulnerability, has continued for over nine days, causing significant concern within the cybersecurity community.

Notably, renowned entities such as Zellis (a payroll service), the Canadian province of Nova Scotia, British Airways, the BBC, and UK retailer Boots have all experienced data breaches due to these ongoing attacks. The common factor behind these breaches is the exploitation of a recently patched vulnerability in MOVEit, a versatile file-transfer provider offering both cloud and on-premises services. Nova Scotia and Zellis had their own instances or cloud services breached, while British Airways, the BBC, and Boots were customers of Zellis. The Clop crime syndicate, a Russian-speaking group, has been identified as the orchestrator of these hacking activities.

Although the number of confirmed breaches remains relatively small, researchers closely monitoring these attacks describe the exploitation as widespread. They liken the hacks to smash-and-grab robberies, where intruders quickly seize whatever valuable data they can before making a swift exit. Disturbingly, the targets of these attacks span various sectors, including banks, government agencies, and other organizations.

Steven Adair, President of security firm Volexity, revealed that several customers running MOVEit Transfer with open Internet access were compromised. Adair added, “Other individuals we have spoken to have encountered similar incidents.” Caitlin Condon, Senior Manager of Security Research at Rapid7, expressed that her team typically reserves the term “widespread threat” for situations involving multiple attackers and numerous targets. However, given the exploitation of high-value targets across diverse organizations worldwide, Rapid7 made an exception in this case, categorizing it as a widespread threat.

Condon pointed out that it was only the third business day since the incident became widely known, and many victims may still be unaware of their compromised status. As time progresses and regulatory requirements for reporting take effect, it is expected that a longer list of victims will come to light.

Independent researcher Kevin Beaumont also disclosed via social media that a double-digit number of organizations, including US government entities and banking organizations, have experienced data theft. This underscores the severity and scope of the attacks.

The vulnerability in MOVEit stems from a security flaw enabling SQL injection, a common and longstanding method of exploitation. SQL injection vulnerabilities occur when web applications fail to properly sanitize user input, allowing attackers to manipulate queries and retrieve confidential data, gain administrative privileges, or manipulate application behavior.

According to a post published by security firm Mandiant, the Clop exploitation spree began on May 27, with instances of data theft occurring within minutes of the installation of a custom webshell known as LemurLoot. Mandiant’s researchers noted that significant volumes of files had been stolen from victims’ MOVEit transfer systems. The webshell, cleverly disguised with filenames such as “human2.aspx” and “human2.aspx.lnk,” aimed to masquerade as the legitimate component “human.aspx” of the MOVEit Transfer service. Furthermore, Mandiant observed SQL injection attacks targeting the legitimate “guestaccess.aspx” file before interacting with the LEMURLOOT webshell.

On May 31, four days after the initial attacks, MOVEit provider Progress patched the vulnerability. However, reports emerged on social media, suggesting that threat actors were actively exploiting the vulnerability by installing a file named “human2.aspx” in the root directory of vulnerable servers. Security firms subsequently verified these reports.

MOVEit officials issued a statement acknowledging that as soon as they discovered the vulnerability, they promptly launched an investigation and informed their customers about the issue, providing them with mitigations to enhance their security. Within 48 hours, the company’s engineers disabled web access to the MOVEit cloud service, developed a security patch, and made it available to customers. They also applied the patch to the cloud implementation.

In their ongoing efforts to address the situation, MOVEit is collaborating with leading cybersecurity experts, engaging with federal law enforcement agencies, and taking comprehensive measures to combat the increasingly sophisticated tactics employed by cybercriminals. The company remains committed to securing widely used software products and actively participating in industry-wide initiatives to safeguard organizations from malicious exploits.

Formally attributing the attacks to the Clop group, Microsoft named the operation “Lace Tempest” and associated it with a ransomware campaign connected to the Clop ransomware group. Mandiant’s investigation also revealed similarities in tactics, techniques, and procedures used by the attack group FIN11, which has previously deployed Clop ransomware.

As of now, there have been no reports of victims receiving ransom demands. The Clop extortion site has remained silent about these specific attacks. However, Mandiant researchers anticipate that victim organizations may receive extortion emails in the coming days or weeks if the ultimate goal of this operation is extortion.

The incident timeline highlights the urgency and speed with which organizations must respond to critical vulnerabilities. MOVEit’s swift response in developing a patch and actively assisting customers demonstrates the importance of proactive cybersecurity measures and collaboration among stakeholders.

The widespread exploitation of the critical vulnerability in the widely used file-transfer program has posed significant challenges for organizations of all sizes. The activities orchestrated by the Clop crime syndicate have targeted valuable data across various industries, raising concerns within the cybersecurity community. The incident serves as a reminder of the ongoing threat landscape and the need for robust security measures to mitigate potential risks. Organizations must remain vigilant, promptly address vulnerabilities, and collaborate with industry experts to protect their valuable data and systems from ever-evolving cyber threats.

Discover the challenges and opportunities of artificial intelligence (AI) in Canada’s digital economy. Explore the legal and regulatory landscape, data protection concerns, ethical considerations, and the evolving role of AI in various sectors.

With intense global competition to lead in AI, artificial intelligence has been a driving force in digital economy innovation. Canada, aspiring to be among global AI leaders, has received substantial funding from federal and provincial governments, as well as investments and research funding from universities, to develop innovative AI programs.

Different from automation, AI poses unique legal and regulatory challenges. One major hurdle is the inadequacy of rigid legal approaches that quickly become outdated with the introduction of new and rapidly evolving technologies.

What is AI?

AI encompasses a broad range of intelligent functions such as pattern recognition, optimization, natural language processing, decision-making, and hypothesis testing. The goal of AI is for machines to exhibit human-like behavior or perform actions requiring functional intelligence, inspired by human brains and behaviors.

As machines become more capable, tasks previously considered AI-based may no longer be classified as such. For instance, optical character recognition, once groundbreaking, is now considered routine technology, no longer falling under the AI umbrella.

AI has become ingrained in our modern digital world. From facial and voice recognition in smartphones to predictive analytics used by retailers, AI offers benefits like reduced technology infrastructure costs, increased productivity, enhanced operational resilience, and lower risk exposure.

What is Canada’s legal stance on AI?

In the legal field, AI aids in tasks like document review, legal research, drafting pleadings, and case analysis. However, the ethical implications of AI technology in legal services raise important considerations that demand attention.

While there is limited legislation specifically addressing AI in Canada, soft laws such as data governance standards, ethics codes, and regulatory frameworks have emerged. These guidelines provide practical suggestions but lack clarity and enforceability.

The legislative challenge lies in balancing social and economic interests while regulating AI to protect the public without stifling innovation. Privacy concerns, ethics, and human rights are at the forefront, requiring comprehensive review of data protection laws and the application of existing laws to ensure oversight and enforcement.

Canada is in the early stages of developing laws for AI and its advancements. As technology evolves, new challenges will arise, necessitating ongoing adaptation of legal structures. Instead of viewing these challenges as obstacles, they should be seen as part of the continuous process of human growth and development, driving flexibility and innovation essential for our existence.