{"id":26265,"date":"2022-08-01T07:17:59","date_gmt":"2022-08-01T11:17:59","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=495590"},"modified":"2022-08-02T10:38:53","modified_gmt":"2022-08-02T14:38:53","slug":"cyber-security-today-august-1-2022-alberta-gets-new-a-privacy-commissioner-apple-traffic-briefly-runs-through-russia-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-august-1-2022-alberta-gets-new-a-privacy-commissioner-apple-traffic-briefly-runs-through-russia-and-more\/","title":{"rendered":"Cyber Security Today, August 1, 2022 \u2013 Alberta Gets New Privacy Commissioner, Apple Traffic Briefly Runs Through Russia And More"},"content":{"rendered":"<p data-ar-index=\"0\">Alberta gets a new privacy commissioner, Apple traffic briefly runs through Russia and more.<\/p>\n<p data-ar-index=\"1\">Welcome to Cyber Security Today. It\u2019s Monday, August 1st, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"2\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/23912769\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"4\">Today is a civic holiday in many Canadian provinces \u2014 and it\u2019s Colorado Day in that state \u2014 so thanks for tuning in.<\/p>\n<p data-ar-index=\"5\"><strong>The province of Alberta<\/strong> gets a new information and privacy commissioner today. Diane McLeod, who worked in the commissioner\u2019s office before becoming Yukon\u2019s ombudsman and information and privacy commissioner, takes over from Jill Clayton. Clayton served two five-year terms. Just before leaving office Clayton <a href=\"https:\/\/oipc.ab.ca\/wp-content\/uploads\/2022\/07\/PIPA-Breach-Report-2022.pdf\" rel=\"noopener\">released a report last week<\/a> analyzing 11 years of commission decisions. In the year that ended May 1st, 2021 there were 377 reports of breaches of security controls in Alberta companies involving personal information that could cause a real risk of significant harm to individuals. By comparison there were only 50 reports in the year that ended May 1st. 2010.<\/p>\n<p data-ar-index=\"6\">The leading cause of reported data breaches during those 11 years was compromised IT systems by things like installation of malware, exploitation of vulnerabilities and hacking. They accounted for 37 per cent of breaches. The second leading cause was theft of physical documents, laptops or portable storage devices. The third leading cause was transmission errors, which are things like misdirected emails or faxes. The fourth leading causes were social engineering and phishing. One more interesting number: It\u2019s taking longer for Alberta-based organizations to discover data breaches. Last year it took an average139 days. The year before it took 119. Part of the reason, says the report, is that compromised systems aren\u2019t immediately detected. Another is that it can be hard to determine the exact date an account was compromised.<\/p>\n<p data-ar-index=\"7\"><strong>Internet traffic<\/strong> of some Apple users ran through Russia for 12 hours last week. <a href=\"https:\/\/www.manrs.org\/2022\/07\/for-12-hours-was-part-of-apple-engineerings-network-hijacked-by-russias-rostelecom\/\" rel=\"noopener\">That\u2019s the finding by an internet routing agency called MANRS<\/a> for short. The traffic was redirected to the Rostelecom network. Was this a conspiracy? Was it a tactic in the Russia-Ukraine cyber war? Commentators at the SANS Institute, an IT training provider, say we shouldn\u2019t ascribe malice to something that could be explained by a simple typo. They also say the incident is another reason why end-to-end encryption should be used for all communications. MANRS also says it shows why Apple, and other network providers, should use Route Origin Authorizations to make sure internet traffic goes to where it\u2019s supposed to go.<\/p>\n<p data-ar-index=\"8\"><strong>Some computer users<\/strong> in the United States continue to be upset that they\u2019re getting targeted ads relating to their medical conditions. And they\u2019re blaming Facebook parent Meta. Last month an individual filed a class action lawsuit against Meta and two California medical institutions, alleging their health information had been captured from hospital websites in violation of federal and state laws by Meta\u2019s pixel tracking tool. The lawsuit comes after <a href=\"https:\/\/themarkup.org\/pixel-hunt\/2022\/06\/15\/facebook-and-anti-abortion-clinics-are-collecting-highly-sensitive-info-on-would-be-patients\" rel=\"noopener\">the news site The Markup did a big report<\/a> on the Meta Pixel found on a number of U.S. hospital websites. In California, as in many jurisdictions, class action lawsuits have to first be certified by a judge before proceeding. <a href=\"https:\/\/www.healthcaredive.com\/news\/Meta-class-action-suit-mined-patient-data\/625943\/\" rel=\"noopener\">The news site HealthcareDive.com notes<\/a> that in 2017 a class action lawsuit against Facebook for allegedly collecting and using health data for targeted ads without people\u2019s permission was dismissed. That decision is being appealed.<\/p>\n<p data-ar-index=\"9\"><strong>A U.S.-based marketing platform<\/strong> called OneTouchPoint used by a wide number of health insurers and medical providers <a href=\"https:\/\/1touchpoint.com\/notice-of-data-event\" rel=\"noopener\">has acknowledged<\/a> suffering a cyber attack in April that encrypted some files. Some news media are calling it a ransomware attack. OneTouchPoint can\u2019t say exactly what personal data was accessed by the hacker but it could include a patient\u2019s name and health assessment information. Thirty-five organizations including Blue Cross insurance providers in several states, the Humana health insurance company and the Kaiser Permanente healthcare provider have been notified.<\/p>\n<p data-ar-index=\"10\"><strong>Finally,<\/strong><a href=\"https:\/\/github.blog\/2022-07-26-introducing-even-more-security-enhancements-to-npm\/\" rel=\"noopener\"> GitHub is strengthening<\/a> the security on its open source NPM JavaScript repository. It began last week with an improved two-factor authentication process. Now developers can publish from the same IP address without having to enter a second factor confirmation every five minutes. In addition, developers can link their GitHub and Twitter accounts to their NPM accounts to help verify an account holder is who they say they are. Finally, a new process is available for more digital secure signing of NPM packages to prevent code from being tampered with. Coming soon, as previously announced, will be the enforcement of two-factor authentication for developers whose accounts have more than 1 million weekly downloads.<\/p>\n<p data-ar-index=\"11\">That\u2019s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That\u2019s where you\u2019ll also find other stories of mine.<\/p>\n<p data-ar-index=\"12\">Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"13\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-august-1-2022-alberta-gets-new-a-privacy-commissioner-apple-traffic-briefly-runs-through-russia-and-more\/495590\">Cyber Security Today, August 1, 2022 \u2013 Alberta gets new a privacy commissioner, Apple traffic briefly runs through Russia and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on a proposed class action against Meta, a cyber attack on a marketing provider used by US healthcare provider<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-26265","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/26265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=26265"}],"version-history":[{"count":5,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/26265\/revisions"}],"predecessor-version":[{"id":26335,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/26265\/revisions\/26335"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=26265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=26265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=26265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}