Connect with us

Technology

Canada among targets of alleged Chinese hacking campaign

Published

on

[ad_1]

Jim Bronskill , The Canadian Press


Published Thursday, December 20, 2018 10:59AM EST


Last Updated Thursday, December 20, 2018 1:00PM EST

OTTAWA — Companies in Canada were among the targets of two Chinese citizens charged with waging an extensive hacking campaign to steal valuable data over many years, U.S. authorities say.

In an indictment unsealed Thursday, prosecutors say Zhu Hua and Zhang Shilong were acting on behalf of China’s main intelligence agency to pilfer information from several countries.

Beginning about four years ago, Zhu and Zhang waged an intrusion campaign to gain access to computers and networks of “managed service providers” for businesses and governments around the world, the indictment says.

Such providers are private firms that manage clients’ information by furnishing servers, storage, networking, consulting and information-technology support. Breaking into one such computer system can provide a route into multiple customers’ data; the hackers breached the computers of enterprises involved in activities ranging from banking and telecommunications to mining and health care, say the papers filed in U.S. District Court.

The indictment says Zhu and Zhang are members of a group operating in China known as Advanced Persistent Threat 10. They purportedly broke into computers belonging to — or providing services to — companies in at least 12 countries, including Canada.

How? According to the indictment, they used forged emails to get unwitting recipients to open files impregnated with security-breaching malware, a technique called “spear-phishing.”

The two suspects, who worked for Huaying Haital Science and Technology Development Co. in Tianjin, are accused of acting in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau.

Canada’s Communications Security Establishment issued a statement supporting the U.S. allegations a few hours after the American announcement.

“Today, many of Canada’s allies and partners have made statements concerning the compromise of several Managed Service Providers. CSE also assesses that it is almost certain that actors likely associated with the People’s Republic of China (PRC) Ministry of State Security (MSS) are responsible for the compromise of several Managed Service Providers (MSP), beginning as early as 2016,” it said.

The statement said Canadian authorities detected the threat at the time and warned businesses in general terms about good security habits in dealing with these providers.

The CSE sent out a more detailed bulletin after Thursday’s indictments, advocating practices such as “multi-factor authentication,” which requires people to sign into computers in more than one way, and running background monitoring software that sends up an alert when an apparently legitimate user starts doing unusual things on a company network.

The alleged hackers provided Chinese intelligence officials with sensitive business information, said U.S. deputy attorney general Rod Rosenstein.

“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system,” Rosenstein said.

In one case, the indictment says, the APT10 Group obtained unauthorized access to the computers of an unnamed service provider that had offices in New York state and then compromised the data of the provider and clients in Canada, the United States, Britain, Brazil, Finland, France, Germany, India, Japan, Sweden, Switzerland and the United Arab Emirates.

The victims included a global financial institution, three telecommunications or consumer electronics companies, three manufacturing firms, two consulting companies, and businesses involved in healthcare, biotechnology, mining, automotive supply and drilling, authorities say. None of them is specified by name in the indictment.

The RCMP and Global Affairs Canada had no immediate comment on the U.S. charges.

In another campaign that began as early as 2006, the APT10 Group, including Zhu and Zhang, allegedly attacked the computers and networks of more than 45 technology companies and U.S. government agencies to steal valuable information and data about various technologies.

The group made off with hundreds of gigabytes of sensitive data by targeting the computers of companies involved in aviation, space and satellite technology, manufacturing, pharmaceuticals, and oil and gas exploration, among others, the indictment says. It also broke into computers that held data belonging to NASA and the U.S. navy and took private identify information of more than 100,000 navy personnel, the indictment says.

[ad_2]

Source link

قالب وردپرس

Technology

More groups join in support of women in STEM program at Carleton

Published

on

By

OTTAWA — Major companies and government partners are lending their support to Carleton University’s newly established Women in Engineering and Information Technology Program.

The list of supporters includes Mississauga-based construction company EllisDon.

The latest to announce their support for the program also include BlackBerry QNX, CIRA (Canadian Internet Registration Authority), Ericsson, Nokia, Solace, Trend Micro, the Canadian Nuclear Safety Commission, CGI, Gastops, Leonardo DRS, Lockheed Martin Canada, Amdocs and Ross.

The program is officially set to launch this September.

It is being led by Carleton’s Faculty of Engineering and Design with the goal of establishing meaningful partnerships in support of women in STEM.  

The program will host events for women students to build relationships with industry and government partners, create mentorship opportunities, as well as establish a special fund to support allies at Carleton in meeting equity, diversity and inclusion goals.

Continue Reading

Technology

VR tech to revolutionize commercial driver training

Published

on

By

Serious Labs seems to have found a way from tragedy to triumph? The Edmonton-based firm designs and manufactures virtual reality simulators to standardize training programs for operators of heavy equipment such as aerial lifts, cranes, forklifts, and commercial trucks. These simulators enable operators to acquire and practice operational skills for the job safety and efficiency in a risk-free virtual environment so they can work more safely and efficiently.

The 2018 Humboldt bus catastrophe sent shock waves across the industry. The tragedy highlighted the need for standardized commercial driver training and testing. It also contributed to the acceleration of the federal government implementing a Mandatory Entry-Level Training (MELT) program for Class 1 & 2 drivers currently being adopted across Canada. MELT is a much more rigorous standard that promotes safety and in-depth practice for new drivers.

Enter Serious Labs. By proposing to harness the power of virtual reality (VR), Serious Labs has earned considerable funding to develop a VR commercial truck driving simulator.

The Government of Alberta has awarded $1 million, and Emissions Reduction Alberta (ERA) is contributing an additional $2 million for the simulator development. Commercial deployment is estimated to begin in 2024, with the simulator to be made available across Canada and the United States, and with the Alberta Motor Transport Association (AMTA) helping to provide simulator tests to certify that driver trainees have attained the appropriate standard. West Tech Report recently took the opportunity to chat with Serious Labs CEO, Jim Colvin, about the environmental and labour benefits of VR Driver Training, as well as the unique way that Colvin went from angel investor to CEO of the company.

Continue Reading

Technology

Next-Gen Tech Company Pops on New Cover Detection Test

Published

on

By

While the world comes out of the initial stages of the pandemic, COVID-19 will be continue to be a threat for some time to come. Companies, such as Zen Graphene, are working on ways to detect the virus and its variants and are on the forefronts of technology.

Nanotechnology firm ZEN Graphene Solutions Ltd. (TSX-Venture:ZEN) (OTCPK:ZENYF), is working to develop technology to help detect the COVID-19 virus and its variants. The firm signed an exclusive agreement with McMaster University to be the global commercializing partner for a newly developed aptamer-based, SARS-CoV-2 rapid detection technology.

This patent-pending technology uses clinical samples from patients and was funded by the Canadian Institutes of Health Research. The test is considered extremely accurate, scalable, saliva-based, affordable, and provides results in under 10 minutes.

Shares were trading up over 5% to $3.07 in early afternoon trade.

Continue Reading

Chat

Trending