Google Chrome blocking access to NCM’s ‘browser hi-jacking site’ governmentcontacts.com while depicting a cyber crime in progress, zeros and ones falling to the ground as digital forensic evidence. Screen shot captured May 2013.

ncms-governmentcontacts-com-july-2013

A View from the Front Lines

“Recent media attention has highlighted the proliferation of security breaches affecting us all. These security failures have not only resulted in significant expense to the organizations affected, but have significantly damaged trust and reputation. The sensitive data embedded within your networks and systems is a high value target to hackers”.

– Patrick Malcolm, Public Safety Canada Digital Forensics, Cyber Security Trainer, Ottawa, Canada

Promoting Cyber Security

Cyber security has gone from a niche IT issue to boardroom priority and Government of Canada Cross-Agency-Priority (CAP) goal.

govpages browser hi-jacking host

NCM’s Digital Paper Trail

When asked to comment on NCM Software Development Inc’s classic failure of operational security being posted online NGMS, CEO Richard Furlong replied, “NGMS has worked closely with government and law enforcement to investigate and analyze this situation. The truth is however, the evidence based digital paper trail speaks for itself, it remains incontrovertible and permanent. There is simply no legitimate or acceptable reason for any twenty year+ Government of Canada client to be hosting pernicious, browser hi-jacking software on two of it’s own corporate websites for nearly three years. 

With all due respect, there is no justification for prolonged security threats from any Government of Canada client, but especially one buying, repackaging and reselling GOC Employee Data, with a history of receiving large financial grants from the National Research Council [NRC–CNRC], the primary Research and Technology Organization [RTO] of the Government of Canada

Non-repudiating evidence shows NCM Software Development Inc. [GOVPAGES.ca] to have hosted malicious software [2012, 2013, 2014] designed to harm users by corrupting their data or attacking the operating system itself, or providing an exploitable ‘backdoor’ giving attackers unauthorized access to visiting networks.”

Trust is a Commodity

CCIRC partners and other information professionals need to keep score in order to maintain trust, reputation and relevancy.

Breaches may be reported to the Office of the Privacy Commissioner of Canada (OPC)

CCIRC Public Safety Canada

www.priv.gc.ca/resource/pb-avp/pb_form_e.asp

The Web has a very long Memory

The Digital Paper Trail for NCM Software Development Inc [a private sector corporation sourcing, repackaging and reselling Government of Canada data since early 90’s], shows an “astonishing” disregard for security.

It goes without saying, it is not professional industry protocol to host malicious software on a corporate web server for three years [2012, 2013, 2014]. Such actions are unethical, dishonest and their legality is at least questionable.

It matters not whether this adversary operator’s prolonged cyber threat was caused by incompetence or criminally complicit malicious intent, both reasons are fundamentally indefensible. These findings expose either a deficient appreciation at the executive level of how vital patching is for hardening an environment against cyber attacks [or] a three year disconnect with professional network security operations, both of which are sufficient to cost any organization that most elusive and essential quality “credibility”

It’s a cruel, cold world out there. Especially in cyberspace. It’s no secret that scammers actively prey on trust. As adversary operators become more sophisticated and adept in exploiting information technology, it becomes even more important for professional organizations to develop a risk mitigation strategy to detect, attribute and filter out persistent, malicious threats from our online communities.

Security Protocols are useless without Implementation

Cyber security is a shared responsibility, it requires close partnership between the federal government, the private sector, other levels of government, international partners and information professionals, to ensure that vital cyber systems are secure and Canadians can go online with confidence.

CCIRC partners include government, private sector organizations, security researchers and the national cyber security incident response teams (CSIRTs) in other countries. These partnerships enable threat information sharing that is critical to preventing, preparing for, responding to and recovering from cyber incidents.

This report is prepared in cooperation with the Canadian Cyber Incident Response Centre (CCIRC) and in collaboration with partners within and outside the federal government.

 

 

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s