fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Canada’s Foreign Affairs Ministry Hacked, Some Services Down

Canada’s Foreign Affairs Ministry Hacked, Some Services Down

The Canadian government department for foreign and consular relations, Global Affairs Canada was hit by a cyberattack last week.

While critical services remain accessible, some online services remain unavailable, as government systems continue to recover from the attack.

Also Read: This Educator Aims to Make Good Cyber Hygiene a Household Practice

Global Affairs Canada systems face network disruption

Global Affairs Canada (GAC) systems faced a network disruption after being hit with a cyberattack last week.

GAC is is the Canadian government department responsible for looking after the country’s diplomatic and consular relations, international trade, and leading international development and humanitarian assistance programs.

In a statement today, Treasury Board of Canada Secretariat (TBS), Shared Services Canada, and Communications Security Establishment together confirmed that a cyber incident involving Global Affairs Canada took place, sometime last week.

The attack was detected on January 19th, after which mitigation actions were taken.

The Canadian government further states while critical services continue to be available via Global Affairs’ online systems, “some access to internet and internet-based services” is not available as mitigation measures have been put in place and systems undergo recovery.

There is no indication that any other government departments were impacted by the attack, explains the government.

“There are systems and tools in place to monitor, detect, and investigate potential threats, and to take active measures to address and neutralize them when they occur,” says TBS.

Also Read: The 5 Phases of Penetration Testing You Should Know

Attack comes amid Ukraine-Russia tensions

Official sources have not yet revealed what was the cause of the attack or who are the threat actors behind it, as the investigation continues.

The cyberattack against the Canadian government comes at a time when Russia-Ukraine tensions continue to escalate.

Equally interesting is the fact that the attack happened around the same time as the Canadian Centre for Cyber Security issued a warning to “critical infrastructure operators” to be aware of and take mitigatory actions against known Russia-backed cyber threats.

“This investigation is ongoing. We are unable to comment further on any specific details for operational reasons,” says TBS.

“Our cyber defence and incident response teams work 24/7 to identify compromises and alert potential victims within the GC and Canadian critical infrastructure. The incident response team offers advice and support to contain the threat and mitigate any potential harm.”

Earlier this month, multiple Ukrainian government websites were defaced, including that of the country’s foreign affairs ministry.

Some suspected threat actors to be Russian although website defacement acts aren’t the typical attack method used by a Russian state-sponsored hacking group like GRU.

While the threat actors behind the incident are yet to be revealed, this isn’t the first time that attackers have successfully targeted Canadian government systems.

In November 2021, the Canadian province of Newfoundland and Labrador was hit by a cyberattack causing severe disruption to healthcare providers and hospitals.

In early 2021, Canada Post suffered a data breach due to ransomware attack against one of its third-party providers

Prior to that, hackers were able to access 9,041 GCKey accounts via the “credential stuffing” technique to steal tax relief payments from Canadians.

“We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage,” concluded the TBS, while encouraging everyone to follow cybersecurity best practices.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us