The Canadian Cyber News Rewire is a survey of Canadian cyber and adjacent news stories from this past week (or recently). Questions or business inquiries: info@cyberincontext.ca

Share

Editor Notes:

• I have two new articles out with the Canadian Global Affairs Institute:

  • Following the Digital Snail’s Trail: The Short History of Canadian Armed Forces Cyber Operations

  • Everything You Should Know About CAF Cyber Command

• I have received a hefty round of feedback on my PhD thesis, so I may be a tad quiet outside the weekly Rewires.

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Canadian News

• Turning Complexity into Capability: Canada’s Defence Procurement System for Major Projects

  • Federal Procurement Ombudsman releases report about Canadian defence procurement. It doesn’t contain anything new, but the important takeaway is that if there is anything that drives the greatest change in the Canadian government, it is audits.

    • Procurement ombud report urges more oversight, transparency in defence contracting

      • This has particular relevance to recent news related to Palantir being given a non-compete contract.

• London Hydro data breach compromises customer information

  • Parallels with the Newfoundland breach, but likely not as severe.

• Klue hack results in data breach at several cybersecurity firms

  • The breach at Vancouver-based Klue is making international news because of how severe the attack appears to be.

• New Brunswick woman sues OpenAI, alleging ChatGPT led to daughter’s death

  • Canadian mother joins the amounting lawsuits against OpenAI and others for enabling deaths and harms.

• AI, security, and resilience in Canada: A conversation with Microsoft Canada National Security Officer John O’Brien

  • A good conversation/interview with Microsoft Canada’s top security officials. John’s a big reason why I haven’t completely written off Microsoft.

• “Buy Canadian” won’t fix defence procurement until Ottawa defines “Canadian”

  • Great article focused on software and digital issues with defence procurement.

• Cybersecurity coding bootcamp aims to help Canadian veterans transition to tech jobs

  • An article about Coding for Veterans, which has a partnership with the University of Ottawa.

• Canada bans “sophisticated deepfakes” of political figures

  • Coverage of the royal assent of Bill C-25, which amends the Canada Elections Act. A good backgrounder from the government here that breaks down the additions. This includes deepfakes, additional crime to misuse a computer to disrupt an election, make it against the law to intentional spread misinformation about election activities, and much more.

• Government of Canada supports Brampton businesses in strengthening resilience, adopting AI, and expanding into new markets

  • Total of $5.2 million for Brampton to support various business growth support, including $2.7 million for AI adoption.

• Foundations of Digital Sovereignty ~ Chapter 8 - Building Sovereign Canadian Compute

  • The next chapter in the Canadian Shield Institute’s Foundations of Digital Sovereignty series.

• Five Eyes cyber security agencies statement on the AI shift in cyber risk: why leaders must act now

  • Canada and the other Five Eyes partners publish warning about the security risks of AI that are fundamentally changing the security ecosystem, which requires countries and corporations to respond.

  • Funny how they don’t really recognize that Five Eyes are at the heart of why things are getting so bad.

  • Media coverage: Five Eyes cybersecurity agencies warn of new AI models impact on cyber risks

• Canadian Space Agency and MDA Space Conclude Contract for Replenishment Satellite Valued at $688M

  • “MSA has been awarded a contract by the Canadian Space Agency (CSA) to supply an advanced, synthetic aperture radar (SAR) satellite that will operate with the RADARSAT Constellation Mission (RCM) satellites.”

• RCMP hampered by outdated technology and ‘risk averse’ culture: report

  • Aren’t the RCMP also trying to argue it is lawful access laws which prevent them from doing work? What this may indicate is that the RCMP doesn’t have the digital tools itself. Not a big surprise: the real problem is the RCMP’s lack of digital modernization.

• Data centres hungry for power putting ‘extraordinary pressure’ on Hydro Ottawa

  • “We are being asked to build and support in the next two to three years what has taken us more the better part of 110 years to build…”

• Research Paper: Initiative, Not Attrition: Reconceiving Cyber Operations as Maneuver

  • CAFCYBERCOM’s LCol Gary Wolfman publishes article in Cyber Defense Review on the role of offensive cyber operations and initiative in conflict.

• The presentation of the first DISTANTIA bars for remote warfare

  • CAFCYBERCOM Commander Dave Yarker presented these medals for the first time. The distantia bar for the Special Service Medal is new, first introduced in 2024 to recognize those who have a direct impact on overseas operations from remote locations, such as in Canada.

• Wampum Belt gifted in celebration of Indigenous culture and relationship

  • Canadian Forces Station Leitrim held a ceremony celebrating Indigenous culture, service and relationship. Leitrim is a major CAFCYBERCOM base that houses the Canadian Forces Network Operations Centre, so many participants were part of the Cyber Forces.

• Canadian Armed Forces participates in Exercise VALIANT SHIELD 2026

  • Cyberspace was included as part of this exercise, but it's unclear to what degree CAF Cyber Forces participated.

• Russia Breaks Into Human Rights Activist’s Phone With Cellebrite

  • Citizenlab discovers that Russia used Israeli spyware Cellebrite to access a human rights activist’s phone even after Cellebrite claimed it ended its contracts with Russia.

• Canada and Germany to strengthen collaboration on semiconductors

  • Canada and Germany to announce partnership on semiconductors on Monday, June 29.

• Government pre-publishes regulations to prevent fraud and facilitate the next phase of consumer-driven banking

  • Nearly half of all cybercrime incidents in Canada are fraud, so this is something to watch. Proposed regulatory changes were published in Canada Gazette.

• Cyber Safety Student Symposium Empowers Students in a Digital World

  • Article on the Cyber Safte Student Symposiuym at a Waterloo school. We need to teach cybersecurty starting in primary school, so great to see it’s growing more common.

• New SAIT and Mastercard partnership targets cybersecurity gaps facing Canada’s small businesses and non-profits

  • Southern Alberta Institute of Technology and Mastercard partner for a cybersecurity training program. “SAIT Cybersecurity Learning Collective, powered by Mastercard, is a 10-week, 80-hour course designed for small businesses, non-profits and social enterprises, with the first cohort starting in September. Tuition is fully covered for eligible participants through funding from Mastercard, subject to program criteria and availability.”

• Minister Valdez announces investment in Toronto AI company that helps businesses connect with diverse markets

  • Minister for Small Business and Tourism announced an investment of $557,500 to Tulong Technologies a “Toronto-based company that uses artificial intelligence to help businesses better understand and engage diverse audiences.”

• Ontario Investing $60 Million to Upgrade Student Learning Resources

  • A digital modernization push for classrooms.

Parliamentary News & Upcoming Meetings

This section includes any House of Commons and Senate meetings that are relevant to Canadian cyber.

Parliament has begun its Summer break and will resume sitting on September 21.

Canada-Relevant News

As many issues don’t respect borders, this section is for stories that impact Canada, but may not be Canadian-sourced or focused, to differentiate from the previous section, which is 100% focused on Canada.

• Open-source security is posing challenges governments can’t easily solve

  • A growing problem is now reaching ecosystem disruption levels as AI is used to target open source software.

• The Tokenpocalypse Is Here: Companies Are Scrambling To Stop Spending So Much on AI

  • AI companies are slowly ending their subsidization of compute power, so now the real cost is showing to people and how the costs significantly outweight the low level benefits most AI is only able to provide.

• Patch the Planet: a Daybreak initiative to support open source maintainers

  • OpenAI-led project to help secure open source projects.

• Gartner Predicts AI Coding Costs Will Surpass Average Developer’s Salary by 2028 as Token Consumption Surges

  • As AI usage/tokens become more expensive, this will quickly upend a lot of plans for AI adoption that companies and the government fail to realize is already occurring.

• npm adds preventive account protection for high-impact accounts on Github

  • New protective measures have been added to Github, which will hopefully be a step forward in addressing security issues on Github, which has become a favorite vector of attack for threat actors.

• Fortibleed fallout: FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation

  • A Russian initial access broker is believed to be the one behind the major Fortibleed credential harvesting fiasco.

Canadian Cyber Threat Intelligence

Any relevant cyber threat intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.

• AryStinger botnet infected thousands of D-Link routers worldwide

• Ex-Huntress analyst claims company insider fed info to a ransomware crim. Social media drama ensues

  • CEO has denied and says there is no evidence. Getting pretty messy and probably will lead to some litigation.

• Russian APT ‘Gamaredon’ Upgrades Its Arsenal, Requiring New Defenses

• New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

• INC Ransomware Targets Mainframes: Exposed Servers Reveal Cross-Platform Payloads and APAC Campaign (h/t Catalin Cimpanu)

  • INC Ransomware develops ransomware for IBM mainframes.

• Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

  • Popular Chrome extension to block Youtube ads secretly added an ability to execute arbitrary javascript.

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share

United States News

• No, the NSA wasn’t hacked by AI. Here’s what actually happened

  • You may have heard or read about Anthropic’s Mythos easily hacking NSA networks. There are a lot of caveats to this and it should not be taken at face value. This article unpacks that and explains that, while yes, it is potent, it requires a lot more to do remotely what was suggested.

• Secret Service Driven to Personal Phones by Heavy Limits

  • This is a pretty bad security lapse, but one that often occurs. Auditor blames Homeland Security’s Chief Information Officer.

• $3 Million Reportedly Stolen in Polymarket Hack

  • $3 million stolen in a phishing incident.

• Federal Workers Can’t Get the White House’s App Off Their Phones

  • There is a concern that this app is being used to monitor federal workers.

• Agencies have four months to finalize quantum-ready migration plans

  • Canada already has plans for this and is ahead of the United States.

  • We can refer to ITSM.40.001: Canada’s plans are to be post-quantum safe by the end of 2031 for high-priority systems and 2035 for remaining systems.

    

• Meta pauses employee monitoring program after data protections fail

  • A surprise to no one. Such a program would be illegal to implement in Canada in most jurisdictions.

• Ford had to hire back former engineers to fix mistakes made by its automated systems

  • AI is increasingly viewed as an infallible tool, but many places are quickly finding that it often does not work, and it can cost a lot of money.

United Kingdom and European Union News

• Two men plead guilty over £39m Transport for London cyber attack

  • The 2024 hack disrupted the transit service for three months.

• Russian hackers were behind $2.5 billion hack of Jaguar Land Rover: Report

  • The major incident on Jaguar that cost the British economy $2.5 billion was the result of Russian hackers. It appears they are not sure if the actor is a government or a criminal, which itself is quite telling and may suggest there could be some blurring of being both criminal, but cooperating with the government.

• Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks

  • Europol with international law enforcement partners (including Canada) takes down three cybercrime as a service groups.

• The Italian Competition Authority launches investigation into the “Microsoft 365” subscription price increase

  • A lot of price increases of late due to unwanted AI. This is Italy’s response.

• [Translated] Deputy Ostanina proposed slowing down online gaming in Russia, similar to Telegram. (H/T Catalin Cimpanu)

  • I literally was saying months ago that Western countries should specifically targeting online gaming for sanctions. It will have an enormous impact on Russia’s ability to cope with the war. Now the governme t is already considering the same, which I will be surprised if they do as they probably fail to realize just how much online gaming in Russia is a lynchpin to youth engagement.

Other International News

• Japan defense forces used USB drives with China-linked virus: Nikkei investigation

  • “USB drives are the dirty needles of sensitive networks.” - Joe Slowik

  • Additional reporting/Unpaywalled article: Fake USB Sticks Spread China-Linked Virus in Japan’s Army

• Four in five under-16s in Australia using social media despite ban, study shows

  • Canada wants the same thing. It raises questions about the efficacy of these laws when they know they won’t work.

• Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign

  • A lot of the hallmarks of Chinese state hackers.

• Tata Electronics confirms cyberattack after alleged Apple, Tesla documents appear online

  • Tata is a pretty major electronics producer. Potentially is part of a breach by World Leaks, who previously stated they had stolen files from Tata Electronics, but reporting indicates this has yet to be verified.

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share

Media of the Week