Canadian Cyber News Rewire - 28/02/26
Wiring you into the cyber news relevant to Canada the week ending February 28
The Weekly News Rewire is a survey of cyber or adjacent news stories that I read this past week (or recently). Please leave a comment if you think I missed anything.
Editor Notes:
I have completed the first rough draft of my dissertation (yay!). I will be entering a major editing phase over the next few weeks, so my availability may fluctuate.
Go sign Tanya Janca’s Secure-Coding Petition! (Article on this coming soon)
There are no indications of major Iranian cyber attacks yet, but be careful out there.
Canadian News
A $10-billion AI data centre races ahead in a rural Alberta town, population 9,679
“The project, if built, would include the second-largest power plant in Alberta and consume as much electricity as the city of Edmonton.”
Reminds me of this article I wrote last year:
Government of Canada AI Register
The Government of Canada has opened the consultation on the public AI register. The AI Register provides information on where and how AI is being used in the federal government. The consultation is specifically seeking information on whether it includes the right information and how the AI register could be made easier to use. Submissions end March 31.
CIRA MDR delivers a 24/7 Canadian-based managed detection and response cybersecurity service
I certainly did not see this coming. CIRA is the Canadian Internet Registration Authority, which is in charge of the .CA domain. This is a pretty smart move as demands for sovereign security options grow; CIRA already has a strong market position. It will be interesting to see them entering what I feel to be an already heavily competitive sector.
Meta Director of AI Safety Allows AI Agent to Accidentally Delete Her Inbox
These are the people we are supposed to trust about AI safety. It appears they gave OpenClaw access to their computer and email, which led to the entire inbox being deleted. I have resisted covering OpenClaw at all because of how plain dumb it is, but may
Google Cloud calls for unified AI defense as energy sector faces cyber ‘perfect storm’
There is a growing need to better organize and defend critical infrastructure sectors. Although they frame this as defending things, this is really trying to say we should put more things in the cloud. While they do so as a means to leverage greater security tools and security, this is just marketing.
Amid so many data leaks and breaches, I like Steve’s advice: assume your data will eventually be misused and respond accordingly. Compartmentalization, two-factor authentication, and password managers should all be the norm.
For my Francophone subscribers: I am working on including more Quebec and French content in some capacity. I do not know it myself
AI minister ‘disappointed’ by OpenAI meeting held in wake of Tumbler Ridge shooting
Who is going to tell Evan Solomon that his rose-colored glasses, failure to recognize and address risks and security threats, approach is a product of this, and he is part of the disappointment?
Canada Tells OpenAI to Boost Safety Measures or Be Forced to by Government
This was based on statements from Justice Minister Sean Fraser. I would say this is likely all bark and no bite, but it remains to be seen if this tragedy will change the government’s course. The Carney government and AI Minister Solomon have sent major signals that they did not intend to be restrictive or focus on regulations, particularly to distinguish themselves from the Trudeau government and to lean into the economics of AI.
The perpetrator had a second ChatGPT account after their first was banned and OpenAI has
Feds reconvene Trudeau-era online harms panel amid chatbot fears
Bell and Hypertec partner to strengthen Canada’s sovereign AI ecosystem
I have said that the best short-term pathway for Canada to quickly develop a capacity to compete domestically is for Canada’s big telecoms, such as Bell, to get into the game. This is potentially one step in that direction.
The problem with US corporations is geographic and legal. If a corporation operates in the United States, it is exposing itself to the US Cloud Act. This is why we need a Canadian corporation that either does not operate or has minimal liability in the United States.
Videotron taps Samsung to modernise Canadian 5G core
An example of what I talk about when I say Canada does not have the ability to compete with hyperscalers and often must partner with non-Canadians. Time and again they have to partner with others, usually for infrastructure needs.
Minister Anand and Minister McGuinty welcomed Republic of Korea counterparts to Ottawa
Includes a major cyber component. North Korea is one of the most prolific state cyber threat actors, and the Republic of Korea is often a target for this. Increasing cyber relations and cooperation is good, and cyber is a major component of Canada’s Indo-Pacific strategy.
Canada’s critical infrastructure is being targeted in cyber attacks | Deception Decoded
Short interview with the Head of the Canadian Centre for Cyber Security Rajiv Gupta
Bell invests $1 million in McKenna Institute to strengthen Canada’s cybersecurity talent pipeline
This investment will help establish the “McKenna Institute Cyber Talent Program powered by Bell Canada. This 12-to-16 week, full-time, industry-led intensive program is designed to complement existing academic pathways by providing applied, real-world experience that reflects the rapidly evolving needs of the cybersecurity sector.” Sounds like this is setting up a co-op program.
HaveIBeenPwned confirms Canadian Tire data breach.
Quantum, cloud and cyber take shape in Canadian defence plan
I was interviewed for this news story on the role of quantum, cloud, and cyber in the Defence Industrial Strategy.
Canada remains a favorite target for Russian cyber threat actors.
Focus appears to be on connectivity and competition.
Canada and India deepen education collaboration with new talent and innovation strategy
Includes 13 MOUs between Canadian and Indian universities or tech/research organizations. A few of these include AI, computer science/engineering, and other cyber-related fields.
Canada Cyber Threat Watch
While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber threat intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.
Alert - AL26-004 - Critical vulnerability affecting Cisco Catalyst SD-WAN - CVE-2026-20127
CCCS Joint guidance on malicious cyber threats to SD-WAN networks
2026 CrowdStrike Global Threat Report: AI Accelerates Adversaries and Reshapes the Attack Surface
A crazy figure: Breakout time for initial access to network compromise went from 98 minutes in 2021 to 29 minutes in 2025.
ByteVanguard Threat Brief Notes Canada as a Top Ransomware Victim
Revolut says Telegram now Rivals Facebook as Top Fraud Source
Woohoo! Go Telegram and Facebook/Meta! You two are really knocking it out of the park for making the world a worse place.
IBM Threat Index Report: AI is Speeding Up Cyberattacks, IBM Cautions Canadian Organizations
Ransomware payment rate drops to record low as attacks surge
Ransomware victims only pay approximately 28% of the time
Scattered Lapsus$ Hunters (SLH) Kicks Off Campaign to Recruit Women
With the prevalence of AI voice tools, it is interesting they are focusing on recruiting real women.
New Gmail Account Attack Warning—Hackers Abuse Critical Security Check
When Copilot Can See Too Much: Why AI Security Starts with Data Governance
Have your business and logo featured in Canadian Cyber in Context with a sponsorship.
Research and Op-Eds
Read my cyber review of the Defence Industrial Strategy. TL;DR: It will help a lot of Canada’s cyber industry, but there are gaps to overcome major hurdles regarding infrastructure and hyperscalers.
The cybersecurity market is not consolidating. It is rewiring itself
Article by Francois Guay, creator of the Canadian Cybersecurity Network. It’s an interesting article. I especially like his emphasis on the importance of leadership, which is exactly the thing that I have been saying the Government of Canada is lacking on cybersecurity.
United States News
North Korean Lazarus group linked to Medusa ransomware attacks
Medusa ransomware is a ransomware-as-a-service, which has been in operation for a few years now. North Korea is widely known to be heavily investing in ransomware operations to fund its regime, so this continues to show it will use whatever tools are out there to get this done. Further, the fact that they appear to specifically be targeting healthcare is concerning for geopolitical reasons and because healthcare tends to be very cyber insecure.
They sanctioned OperationZero, which is the broker that purchased the exploits from the former L3Harris executive who was recently jailed:
Former L3Harris Trenchant boss jailed for selling hacking tools to Russian broker
Sentenced to 7 years for selling 0day exploits to Russian buyer OperationZero.
Ouch. Cybersecurity companies, regardless of their services or products, should ensure their contracts are sound.
Exclusive: US orders diplomats to fight data sovereignty initiatives
The United States does not want Canada to have digital sovereignty. For Canada to control what happens within its laws with data is apparently a concern for the United States. This should be a wake-up call.
Anthropic Refuses to Remove Safeguards Preventing Autonomous Killing
Pentagon wanted no safeguards. Anthropic reasonably understands why that’s a problem. Then Hegseth and the Trump Admin proceeded to throw a temper tantrum and ban all federal agencies from using Anthropic.
CISA replaces acting director after a bumbling year on the job
CISA has been gutted by the Trump admin and is stumbling at every step.
Peace Corps Announces the Tech Corps
Using the Peace Corps to help people use… AI
This would be a good idea if it wasn’t focused on AI.
Strikes on Iran will test US cyber strategy abroad, and defenses at home
There is a lot we still do not know about the use of cyber operations in the war against Iran, but we do know that Iran was inundated with attacks before the Internet was cut.
European Union & United Kingdom News
ShinyHunters extortion gang claims Odido breach affecting millions
Odido is the Dutch telecom that I included last week. ShinyHunters is one of the top extortion gangs working right now.
Dutch police arrest man who refused to delete confidential files shared by mistake
Dutch police accidentally gave a man access to confidential police documents, and he refused to give them back unless he received something in return. Police proceeded to arrest him for computer hacking. “Computer hacking” is an absolute major stretch here as the police accidentally sent a download instead of an upload link. The man (allegedly) willingly downloaded the files and tried to extort the police, so there is some level of wrongdoing here.
Ransomware gangs advancing Moscow’s geopolitical aims, Romanian cyber chief warns
It’s long been known in the information security community that there is cooperation, or at least some level of communication, between Russia’s intelligence organizations and Russian cyber criminals. There has been some research to show that there are direct connections between the government and intelligence organizations and criminal groups. It’s why it is always noteworthy when Russia arrests any cyber criminals.
US Orders diplomats to fight data sovereignty initiatives
This is not a surprise and the natural escalation of activities from a country who doesn’t want your business but your subjugation, but will punish you for not wanting their business. The best solution is to stop using US products. The United States does not want Canada to have digital sovereignty.
New CLTC Report Analyzes Cybersecurity Policy Across State Legislatures
“lawmakers across 37 states passed 99 cybersecurity-related bills in 2025, establishing 393 new cybersecurity rules cumulatively.”
Ukraine Turns Hackers and AI Loose on Its Own Weapons Marketplace to Hunt Cyber Threats
AIs and LLMs are increasingly being used for bug and vulnerability hunting, so it’s not a surprise that Ukraine is one of the first to scale this.
Ukraine has some of the best cyber operators in the world.
Belarusian Cyber Partisans hacked Industrial Plant
Cyber Partisans hacked a plant belonging to Khimvolokno, which produces nylon used for Russian military body armour.
Netherlands Approves Sale of Solvinity to Kyndryl
Despite the Netherlands often being on the forefront of ensuring digital sovereignty, this means that most of the government’s cloud networks are now run by a US corporation.
As a Canadian I say welcome to the club!
Palantir Sues Swiss Magazine For Accurately Reporting That The Swiss Government Didn’t Want Palantir
I am increasingly hearing that Palantir is overrated anyways. Being overly litigious to protect your reputation is increasing evidence that maybe your product just sucks and the issue is the company just has no ethics and was the first in the game.
A very cool initiative that I wish the Canadian federal government would also adopt.
The cyber attack that accidentally fixed M&S
An interesting story that suggests M&S took time during their recovery from a cyber attack to rework its business, which seems to have been a success.
OpenAI agreement with the Department of War
OpenAI to allow Department of Defense to conduct domestic surveillance using Executive Order 12333, which allows the NSA to hide its domestic surveillance by tapping into infrastructure outside of the United States. This means OpenAI will be used by the NSA to conduct domestic surveillance against Americans.
Stop using OpenAI. Sam Altman is either a liar or is too stupid for his own good. This is a stepping stone to autonomous killing. This is Sam Altman and OpenAI helping the United States develop a means to avoid blame in war crimes by allowing them to blame AI.
Ukraine says cyberattacks on energy grid now used to guide missile strikes
Cyberattacks on the energy grid are used to collect intelligence to guide missile strikes.
Canada has also signed a cyber-agreement with Japan and I believe Canada and Japan are already conducting defensive cyber ops together as well.
Other International News
UAE claims it stopped ‘terrorist’ ransomware attack
Not sure I would say terrorist, but it’s not out of the question for a terrorist group to try ransomware as a source of funding.
A Chinese official’s use of ChatGPT accidentally revealed a global intimidation operation
Chinese information operations are slowly picking up intensity.
Cote d’Ivoire airline hit by INC Ransomware.
Hacker Used Anthropic’s Claude to Steal Mexican Data Trove
“They don’t believe the attack is tied to a Foreign government.” The limited details about this attack are quite interesting. Does not sound like a normal cyber threat actor, but potentially a domestic actor or espionage. This is a lot of data they stole.
AWS UAE suffers AZ outage after “objects strike data center” and cause fire, amid Iran attacks
Physical attack affecting infrastructure, but nothing major on cyber front yet.



