Archive for February, 2021

« Older Entries
Newer Entries »

Clubhouse Pwned…. And Privacy Concerns Emerge

Posted in Commentary with tags on February 22, 2021 by itnerd

Bloomberg is reporting that Clubhouse, which is an app that has gained popularity with people in the tech space, has had its chats breached not long after the company claimed to have stepped up security:

A week after popular audio chatroom app Clubhouse said it was taking steps to ensure user data couldn’t be stolen by malicious hackers or spies, at least one attacker has proven the platform’s live audio can be siphoned.

An unidentified user was able to stream Clubhouse audio feeds this weekend from “multiple rooms” into their own third-party website, said Reema Bahnasy, a spokeswoman for Clubhouse. While the company says it’s “permanently banned” that particular user and installed new “safeguards” to prevent a repeat, researchers contend the platform may not be in a position to make such promises.

Users of the invitation-only iOS app should assume all conversations are being recorded, the Stanford Internet Observatory, which was first to publicly raise security concerns on Feb. 13, said late Sunday. “Clubhouse cannot provide any privacy promises for conversations held anywhere around the world,” said Alex Stamos, director of the SIO and Facebook Inc.’s former security chief.

Well that’s not good. And this makes this situation worse:

A week ago, the SIO released a report saying it observed metadata from a Clubhouse chatroom “being relayed to servers we believe to be hosted” in China. Agora’s obligations to China’s cybersecurity laws mean that it would be legally required to assist in locating audio should the government contend it jeopardized national security.

That suggests to me that this app should be avoided regardless of how popular it is. And that’s highlighted by comments made by Lourdes Turrecha, founder and CEO of privacy consulting firm PIX LLC. He wrote on Medium that Clubhouse rolled out its app without much regard for privacy. Turrecha claims that Clubhouse collects not just its users’ personal information but also their contact information. Further, Turrecha says, Clubhouse also accesses users’ Twitter account information without explaining why. That’s not good and maybe those who think that using Clubhouse is the new hot thing to do may now want to think twice.

Leave a comment »

A Follow Up To The Senior Who Was A Victim Of A Tech Support Scam

Posted in Commentary with tags on February 19, 2021 by itnerd

Earlier this week I detailed the story of a senior who fell victim to a tech support scam. These sorts of scams infuriate me as they target people who don’t know any better, or in this case they target people who are unable to defend themselves. Now there is good news, some areas for concern, and some bad news to report.

  • Let’s start with the good news. I did a second examination of her computer and found nothing “bad” on her computer and it appears to be working fine. Thus I have to assume that that after the scammer installed the remote access software, they put on “a dog and pony show” to convince her that her computer had serious issues.
  • Now to the areas of concern:
    • She got a phone call from what sounds like to me to be an automated system saying her credit card had two charges put on it and she mentioned something about having to press one or two to approve or reject the transaction. She was unable to really give me a better description than that. So I recommended that she call or visit her bank and have them review her transaction history with her to make sure that they did not somehow get her credit card details.
    • One concern of mine was that they might have stolen documents and files off her computer. The remote access software had no logs for me to look at. So I am unable to answer that question and the possibility that she might be a victim of identity theft might still be on the table.
    • The bad news is that she didn’t have call display, and any other details that she provided to me were on the scant side. So I am unable to report this to the relevant authorities (more on that in a second) as there is simply not enough for them to work with. Thus these scumbags continue to roam free without having the relevant authorities hunting them down, or yours truly naming and shaming them.

One other thing, the scammer did call back. But she hung up on them and avoided engaging with them.

So that leads to me to what you should do if you encounter this scam.

Fact: Microsoft, Apple, or Google would never call you to say that your computer is broken and it needs to be fixed. And I do mean NEVER. The exception might be your ISP as there’s a minute possibility that your ISP would call you if your computer has been infected with malware that could be sending out something from your computer. If a caller claims to be from your ISP, ask for the caller’s name, where his or her office is located, and for the office telephone number. Ask why you’re being contacted by telephone, what the issue with your computer is and how the ISP could tell it was your PC specifically that had a problem. If a call sounds legit, hang up and call the ISP yourself, then ask for the tech support department or for the person who called you specifically. Use a phone number listed on your ISP’s website or on your bill, not a number that the caller gave you. That way, you could confirm or deny if this is legit.

Now, if you get a call from a scammer. The best way to deal with them is to hang up. That’s it. Hang up and move on with your life. You can’t get scammed if you do not engage. But let’s say you did actually fall for this. You need to act fast. First, shut down the computer. Then do this:

  1. First download and install legitimate antivirus software. Then, run a scan to see if anything has been left behind. Then change the passwords on the user accounts on your PC. You don’t have passwords on the user accounts? You should precisely for this reason. If you don’t feel comfortable doing any of these items, call an IT expert for help.
  2. If you gave the scammer your credit card number, then you really need to act fast. Call your credit card provider and either reverse the charges or cancel the card.  Then you should also contact one of the three credit-reporting agencies. Namely Equifax, Experian or TransUnion and ask them to place a free 90-day credit alert on your file. For the record, Experian doesn’t operate in Canada but the other two do. The agency you contact will alert the others and you’ll be notified if someone tries to do something in your name.
  3. Report it. Microsoft has a Web page dedicated to reporting tech-support scams. The U.S. Federal Trade Commission has a website for fielding complaints, while the Canadian Anti-Fraud Center is the place to go if you’re in Canada.

As you can see, getting hit by a scammer is not a trivial matter. You need to be on your toes to avoid this sort of thing. If you are, then you should never have to worry about the negative effects of being scammed. I’ll continue to document these sorts of scams, and where possible I will name and shame the scumbags behind them. Plus I will provide details so that hopefully you will never be a victim.

1 Comment »

Infographic: A Spectrum Of Microsoft’s Companies

Posted in Commentary with tags on February 18, 2021 by itnerd

Further information can be found here.

Leave a comment »

New LinkedIn Data Reveals What’s Keeping Canadians In Their Current Jobs

Posted in Commentary with tags on February 18, 2021 by itnerd

In previous editions of the Workforce Confidence Index, LinkedIn examined what Canadian jobseekers are willing to do to land their next roles in this tough labour market. But what effect is the pandemic having on Canadians who are currently employed?

LinkedIn’s latest research looks at what’s motivating Canadian workers to stay in their current roles right now – and how that may differ across generations:

  • As Canada’s official unemployment rate in January rose to its highest since August, the latest Workforce Confidence Index survey found roughly two thirds (68%) of employed Canadians are “sheltering” in their current jobs in some form – that’s to say prioritizing a steady pay cheque over career growth or work they find inherently rewarding.
  • More than half (53%) cited a steady paycheck as a top motivator for staying in their current position, while roughly a quarter pointed to their organization’s perks and benefits as a key motivator (a figure that jumped to 37% among members of Gen Z).
  • About 15% of respondents said they were largely keeping their roles to wait out the pandemic for a more favourable job market, although that figure climbed to 28% among millennials, and was as low as 9% among baby boomers.

For the full results, including additional insights on three downtrodden Canadian industries that have seen a jump in optimism over the last few months, visit here

Methodology

LinkedIn’s Workforce Confidence Index is based on a quantitative online survey that is distributed to members via email every two weeks. Roughly 1,000+ Canada-based members respond each wave. Members are randomly sampled and must be opted into research to participate. Students, stay-at-home partners & retirees are excluded from analysis so we’re able to get an accurate representation of those currently active in the workforce. We analyze data in aggregate and will always respect member privacy.

Data is weighted by engagement level, to ensure fair representation of various activity levels on the platform. The results represent the world as seen through the lens of LinkedIn’s membership; variances between LinkedIn’s membership & overall market population are not accounted for.

Leave a comment »

Capgemini & OVHcloud Announce Global Alliance Partnership

Posted in Commentary with tags on February 18, 2021 by itnerd

Capgemini and OVHcloud today announced a global alliance partnership agreement intended to address the cloud transformation needs of public and private organizations. The alliance partnership combines the power and innovation of OVHcloud’s next-generation cloud solutions with Capgemini’s deep experience in data protection, security, AI and data analytics, applications, cloud managed services and cloud native development. The combined expertise will help organizations create secure cloud infrastructure with internationally recognized levels of security.

Unifying Capgemini and OVHcloud’s commitments to secure cloud transformation, the two companies have formed an alliance partnership. Together, they intend to build complete sovereign cloud solutions in the context of the European Alliance on Industrial Data and Cloud and the Important Project of Common European Interest (IPCEI) on Cloud Infrastructure and Services due to be launched in 2021. 

The companies will cooperate to leverage their capabilities globally, offering organizations access to a unique set of services and skills for secure, end-to-end cloud infrastructure services in public, private and hybrid clouds. The solution is also intended to promote open source software and leverage GAIA-Xstandards on cloud federation, to allow interoperability, portability, trust, and transparency across infrastructure, applications and data. The global alliance partnership will notably allow to enable the development of European data spaces that bring together public and private players to generate value from data.

In line with their respective commitments to reduce their environmental footprint, OVHcloud and Capgemini will work together to enable a sustainable use of cloud services. This will include ensuring their common solutions strive towards carbon neutrality by optimizing usage of resources according to client needs, promoting a more energy efficient supply chain, managing infrastructure and hardware lifecycles and favoring a more local mix of energy sources.

The alliance partnership builds on Capgemini and OVHcloud’s long-standing collaboration with several global software vendors to propose end to end integrated sovereign solutions, leveraging the OVHcloud Open Trusted Cloud, SecNumCloud and health data hosting labels.

OVHcloud and Capgemini will work together to combine capabilities and investments to develop their collaboration globally. Capgemini will also bring its deep experience in the global cloud market, and its internally developed IP, to support joint clients in accelerating their cloud journey.

Leave a comment »

Five Technology Trends That Will Reinvent The Future: Accenture

Posted in Commentary with tags on February 18, 2021 by itnerd

According to the Accenture Technology Vision 2021,technology was a lifeline during the global pandemic – enabling new ways of working and doing business, creating new interactions and experiences, and improving health and safety. Technology forever changed expectations and behaviours and created entirely new realities across every industry. As companies shift from reacting to the crisis, to reinventing what comes next, the boldest, most visionary leaders  those who use technology to master change – will define the future, says the 21st annual report from Accenture predicting the key technology trends that will shape businesses and industries over the next three years.

The report, “Leaders Wanted: Masters of Change at a Moment of Truth,” outlines how leading enterprises are compressing a decade of digital transformation into one or two years. Relying on a strong digital core to adapt and innovate at lightning speed, leaders are growing revenues 5x faster than laggards today, versus only 2x faster between 2015 to 2018, according to Accenture research. The result is a wave of companies racing to reinvent themselves and use technology innovations to shape the new realities they face. 

Accenture surveyed more than 6,200 business and technology leaders from 31 countries for the Technology Vision report, and 92% of those leaders report that their organization is innovating with an urgency and call to action this year. And 94% of Canadian executives agree capturing tomorrow’s market will require their organization to define it, compared to 91% globally.

Shaping the future will require companies to become masters of change by adhering to three key imperatives. First, leadership demands technology leadership. The era of the fast follower is over—perpetual change is permanent. Tomorrow’s leaders will be those that put technology at the forefront of their business strategy. Second, leaders won’t wait for a new normal; they’ll reinvent, building new realities using radically different mindsets and models. Finally, leaders will embrace a broader responsibility as global citizens, deliberately designing and applying technology to create positive impacts far beyond the enterprise to create a more sustainable and inclusive world.

The Technology Vision identifies five key trends that companies will need to address over the next three years to accelerate and master change in all parts of their business:

  • Stack Strategically: Architecting a Better Future  A new era of industry competition is dawning – one where companies compete on their IT systems architecture. But building and wielding the most competitive technology stack means thinking about technology differently, making business and technology strategies indistinguishable. Ninety-one percent of Canadian executives believe that theirorganization’s ability to generate business value will increasingly be based on the limitations and opportunities of their technology architecture, compared to 89% globally.
  • Mirrored World: The Power of Massive, Intelligent, Digital Twins  Leaders are building intelligent digital twins to create living models of factories, supply chains, product lifecycles, and more. Bringing together data and intelligence to represent the physical world in a digital space will unlock new opportunities to operate, collaborate, and innovate. Sixty-six percent of Canadian executives surveyed expect their organization’s investment in intelligent digital twins to increase over the next three years, compared to 65% globally.
  • I, Technologist: The Democratization of Technology – Powerful capabilities are now available to people across business functions, adding a grassroots layer to enterprises’ innovation strategies. Now, every employee can be an innovator, optimizing their work, fixing pain points, and keeping the business in lockstep with new and changing needs. Ninety-two percent of Canadian executives believe technology democratization is becoming critical in their ability to ignite innovation across their organization, compared to 88% globally.
  • Anywhere, Everywhere: Bring Your Own Environment – The single biggest workforce shift in living memory has positioned businesses to expand the boundaries of the enterprise. When people can “bring your own environment,” they have the freedom to seamlessly work from anywhere – whether that’s at home, the office, the airport, partners’ offices, or somewhere else. In this model, leaders can rethink the purpose of working at each location and lean into the opportunity to reimagine their business in this new world. Seventy-four percent of Canadian executives agree that leading organizations in their industry will start shifting from a ‘Bring Your Own Device’ to ‘Bring Your Own Environment’ workforce approach, compared to 81% globally.
  • From Me to We: A Multiparty System’s Path Through Chaos – The demand for contact tracing, frictionless payments, and new ways of building trust brought into sharp focus what had been left undone with enterprises’ existing ecosystems. Multiparty systems can help businesses gain greater resilience and adaptability; unlock new ways to approach the market; and set new, ecosystem-forward standards for their industries. Eighty-nine percent of Canadian executives surveyed state that multiparty systems will enable their ecosystems to forge a more resilient and adaptable foundation to create new value with their organization’s partners, compared to 90% globally.

Prioritizing technology innovation in response to a rapidly changing world has never been more important. Consider the restaurant industry: 60% of restaurants listed as ‘temporarily closed’ on Yelp in July were permanently out of business by September. Through the chaos, Starbucks emerged as a leader, using technology to expand customer and retail channels. By August, three million new users downloaded its app, and mobile ordering and drive-thru pick up accounted for 90 percent of sales. As demand surged, it deployed an integrated ticket management system to combine orders from its app, Uber Eats and drive-thru customers into a single workflow for baristas. Starbucks also introduced a new espresso machine with sensors to track how much coffee was being poured and predict necessary maintenance. This is a powerful illustration of technology as the core enabler of a company’s agile, resilient and successful response to change.

For 21 years, Accenture has taken a systematic look across the enterprise landscape to identify emerging technology trends that hold the greatest potential to disrupt businesses and industries. For more information on this year’s report, visit www.accenture.com/technologyvision or follow the conversation on Twitter with #TechVision2021.
 

Leave a comment »

Guest Post: 59% Of Canadian Organizations Deployed VPNs To Combat Cyberattacks In 2020 Says Atlas VPN

Posted in Commentary with tags on February 18, 2021 by itnerd

Last year was challenging for organizations on many levels. Due to the global pandemic, many businesses were forced to close, while some shifted to remote work, which opened new opportunities for cybercriminals. This situation pressed organizations to look for new ways to improve their cybersecurity practices. 

According to the data analyzed by the Atlas VPN team, in 2020, Virtual Private Network (VPN) was the most popular cybersecurity tool to combat increased cyber threats among Canadian organizations. In total, 59% of Canadian companies deployed VPNs last year.

The second most commonly deployed cybersecurity layer last year in Canadian organizations was DNS Firewall. Overall, half of the companies introduced DNS Firewall as one of the security measures. Password manager occupied the third spot in the list  and was utilized by 46% of organizations.

Compared to 2019, fewer organizations took up these cybersecurity measures in 2020. However, last year Canadian organizations upgraded their cybersecurity practices by adding a more comprehensive range of security layers, such as VPN and single sign-on authentication. 

8 in 10 organizations suffered a cyberattack last year

Last year, the majority of Canadian organizations had to face cyberattacks. Overall, 80% of organizations handled at least one online assault in 2020. In comparison, 71% of Canadian companies experienced at least one cyberattack in 2019.

In 2020, cybercriminals frequently took advantage of the global pandemic to launch attacks. Over one quarter (28%) of Canadian organizations last year were targeted byCOVID-19 themed assaults.

Some Canadian organizations were targeted by cybercriminals more often than others. Over a fifth (21%) of organizations endured more than 10 attacks in 2020. The public sector received a bigger share of the attacks.

Despite the increase in cyberattacks, only around one-third of IT security professionals in Canadian organizations said they anticipated growth in human resources dedicated to cybersecurity.

Rachel Welch, COO of Atlas VPN, shares her thoughts on the lack of cybersecurity resources in organizations:

“It is clear that organizations must act quickly to address the lack of cybersecurity talent. After all, the year 2020 has taught us that we can not foretell what challenges lie ahead. Therefore, companies must always be ready to handle the ever-evolving cyberthreats.” 

To read the full article, head over to: https://atlasvpn.com/blog/59-of-canadian-organizations-deployed-vpns-to-combat-cyberattacks-in-2020

Leave a comment »

User Credentials From The Canada Revenue Agency Are Floating Around The Dark Web…. Yikes!!

Posted in Commentary with tags , on February 18, 2021 by itnerd

Clearly the Canada Revenue Agency has a serious IT security problem as two days ago an unknown number of accounts were locked as a precaution. Though the CRA wouldn’t provide details. Now we have those details. Apparently around 100000 accounts were locked because leaked login info was found on the dark web. Which of course is not good:

If you received an unexpected and cryptic email on Feb. 16 from CRA warning you that your email had been deleted from the agency’s web platform, MyCRA, do not worry: your account has not been breached.

In fact, the agency says it means that their new early cyber security issue detection system is working (though the communication strategy will be reviewed and it “regrets the inconvenience.”)

But that also means your login data has probably been compromised through a third-party breach and you will need to contact CRA in order to regain access to your online account, particularly if you plan on filing your 2020 taxes online starting next week.

“To be clear, these accounts were not impacted by a cyber attack at the CRA. These accounts have not been compromised and the action taken to lock the accounts was a preventative measure,” agency spokesperson Christopher Doody said in an emailed statement.

Steps on how to regain access to their online account will be sent to affected taxpayers by mail, he added.

I’m sorry, but this is a #fail on so many levels. First, simply sending an email out saying that your Canada Revenue Agency account has been locked is going to freak people out. That’s because the history of the Canada Revenue Agency when it comes to IT security quite frankly sucks as they have been repeatedly pwned by hackers. Thus if you get one of these emails, you are going to assume that hackers have pwned them again. It also doesn’t inspire confidence. I get that the Canada Revenue Agency was trying to act in the best interest of Canadians, but they way that they did it really isn’t fit for purpose. Hopefully they not only provide details about how these 100000 or so accounts were compromised, but they also rethink their communication strategy.

1 Comment »

Parler Appears To Be Hosted By A Company Called SkySilk…. Hmmmm…..

Posted in Commentary with tags on February 17, 2021 by itnerd

Yesterday, Parler rose from the dead and stumbled back on line. Though they have a bunch of other issues that keep them from being fully functional. At the time I said that a company called CloudRoute was hosting them. But based on this tweet, that appears not to be correct:

Prior to today, I had never heard of this company. But I think that SkySilk will get a lot of attention now. And not all of it positive for SkySilk.

SkySilk’s acceptable use policy suggests Parler might not get a free ride from SkySilk based on this verbiage:

“customers or End Users engaged in the dissemination of material that may cause us to be subject to attacks on our network, or that while technically legal, run counter to our corporate principles.”

Though whether SkySilk will enforce this remains to be seen based on this:

“We do not review, edit, censor, or take responsibility for any information customers or End Users may create.”

Thus this makes this situation interesting to watch because I suspect that it will not take long for their acceptable use policy to come into play given Parler’s previous track record.

Time to sit back and watch the fireworks.

Leave a comment »

Canada Facing Crisis Of Leadership & Expert Credibility: Edelman

Posted in Commentary with tags on February 17, 2021 by itnerd

Canada is facing a crisis in leadership and expert credibility. The 2021 Edelman Trust Barometer shows that in Canada, amid urgent problems and in a year of crisis, leadership is failing. The survey reveals government leaders, CEOs and religious leaders are not trusted to do what is right. An astounding 50 per cent of Canadians say that business leaders are purposely trying to mislead people by saying things they know are false and 46 per cent of Canadians say government leaders are doing the same.

Further, the credibility of experts saw a major decline year-over-year as well. Company technical experts and academic experts have declined 16 points in credibility; journalists are down four points; CEOs are down five points with only 29 per cent of Canadians believing they are a credible source of information, and Boards of Directors rank least credible at just 26 per cent, hitting an all-time low.

The survey highlights the growing struggle around trusted information and credible sources. Trust in all sources – traditional media, search engines, owned or social media – has declined significantly in the last year with only traditional news sitting in the neutral category. And, while doing better than their U.S. and global counterparts, nearly half of Canadians believe that journalists are purposely trying to mislead them by saying things they know are false, and more than half believe news organizations are more concerned with supporting an ideology than with informing the public.

To make matters more challenging, the 2021 Trust Barometer found that only 1 in 5 Canadians have good information hygiene. Good information hygiene is defined as three or more of the following actions: engaging with news, avoiding information echo chambers, verifying information and not amplifying unvetted information.  There’s a clear link between willingness to vaccinate and good information hygiene. Those with good information hygiene are more willing to vaccinate within the next year than those with poor information hygiene. In Canada, the vaccination gap – the difference in willingness to vaccinate between the two groups – is 14 points.

Slightly more than 1 in 3 Canadians surveyed say they are ready to be vaccinated as soon as possible. And a total of 66 per cent are willing to be vaccinated within the year—falling below the estimated 70 per cent or more required to achieve herd immunity as communicated by the Public Health Agency of Canada. Canada sits on par with the world on this front and only 7 points ahead of the U.S. when it comes to vaccination within the next year.

In a tumultuous year, Canadians say they are most worried about job loss (75%), cyber-attacks (65%) and climate change (63%). Only 60 per cent of Canadians are worried about contracting COVID-19 and nearly half of respondents worry about losing freedoms as a citizen in a year of lockdowns and mandatory stay-at-home orders.

Half of Canadians surveyed have witnessed layoffs or reductions in the workforce of the company they work for. 49 per cent worry that the pandemic will accelerate job loss due to automation.

Of the most important issues to Canadians, respondents list improving health care, addressing poverty and combatting fake news as top concerns.

For full results, visit https://www.edelman.ca/trust-barometer/edelman-trust-barometer-2021

There is a live event taking place at 1:00 p.m. EST today. To register for that event you can click here.

About the 2021 Edelman Trust Barometer 


The 2021 Edelman Trust Barometer is the firm’s 21st annual trust and credibility survey. The survey was powered by research firm Edelman DxI and consisted of a 30-minute online survey of n=1,500 Canadians nationally representative and weighted to reflect gender, age, and region distributions and was conducted between October 19 and November 18, 2020.

The Edelman Trust Barometer considers three populations: The Informed Public (aged 25-64, college-educated, in the top quarter for household income in their age group, and who engage with the news on business and public policy); the Mass Population (which accounts for everyone excluding the Informed Public); and the General Population, which refers to all those surveyed. The 2021 Edelman Trust Barometer online survey sampled more than 33,000 respondents, including 1,500 Canadians.

Leave a comment »

« Older Entries
Newer Entries »