City of Ottawa website hacked

[spaminator]

Ottawa police website 'secure' says chief
By Doug Hempstead, Ottawa Sun
First posted: Sunday, November 23, 2014 01:28 PM EST | Updated: Sunday, November 23, 2014 01:35 PM EST
OTTAWA -- The Ottawa police website -- ottawapolice.ca -- was offline Saturday night until sometime just after 1 a.m. Sunday.


It has been up and down intermittently ever since. As of 11:30 a.m. Sunday, it was still down.


University of Ottawa professor Patrick McCurdy says the hack is likely a "denial of service attack" -- essentially loading a web page multiple times to crash a server and get it offline.


A hacker identified as Aerith has taken responsibility ­-- the same one who took responsibility for the City of Ottawa site switching to a black screen Friday night, with an image of a dancing banana and a threatening message toward an Ottawa cop.


Around noon Saturday police said they had no evidence their website or systems had been compromised, and operations were continuing as normal.


But Chief Charles Bordeleau issued a brief statement Sunday morning.


"Our investigative team alongside our Information Technology experts are working on identifying the source of the technical problems that occurred last night. Our network remains secure," he said.


The Supreme Court of Canada site was also down Saturday night but was restored shortly before 10 a.m. Sunday.


The city's website was taken down altogether to be restored, and reappeared by Saturday morning.


Aerith's Twitter account -- which indicated, likely falsely, that he/she was based in Turkey -- has since been suspended.


It was being used as a means for the suspected hacker to communicate with media as well as explaining future plans for other targets.


Those targets included the Toronto police website and "Aerith" told QMI Agency a high-profile display of hacking is planned for Monday, part of what has been called Operation Soaring Eagle.


doug.hempstead@sunmedia.ca


Twitter: @DougHempstead
Ottawa Police Service. (QMI Agency File Photo)

Ottawa police website 'secure' says chief | Ontario | News | Toronto Sun

 

[spaminator]

Hacker threatens Toronto cops and city website
By Maryam Shah, Toronto Sun
First posted: Sunday, November 23, 2014 09:10 PM EST | Updated: Sunday, November 23, 2014 09:16 PM EST
A hacker — who claims to be part of the group Anonymous — has threatened to target websites belonging to the City of Toronto and Toronto Police Service.


The pledge made by a hacker, who goes by the name Aerith, comes days after an attack on the City of Ottawa’s website. That city’s homepage was replaced with an image of a dancing banana and the name of an Ottawa police officer involved in a massive “swatting” case against a teen.


City of Toronto spokesman Jackie DeSouza confirmed the city is aware of what happened in Ottawa and that officials will “remain extra vigilant” as they monitor toronto.ca for suspicious activity.


“Similar attacks have occurred in the industry in the past and as a result, the city has ensured we have implemented security best practices to protect our corporate network and website,” she said in an e-mail Sunday night.


“In the unlikely event of a successful attack, we will respond immediately to restore service if interrupted,” DeSouza said.


Tory aware


A spokesman for Mayor-elect John Tory said the civic leader was “aware of the situation.”


“(We) will ask for a briefing from city officials at the earliest opportunity,” Amanda Galbraith said Sunday.


By Sunday evening, torontopolice.on.ca was unavailable online. Toronto Police did not respond to questions posed before and after the website went dark.


Aerith has said the targeted hacks come because a teen from Barrhaven — a suburban area southwest of Ottawa — faces swatting charges from Toronto, not just Ottawa. The hacker claims to have proof the kid was framed.


The youth’s father held a small press conference in Larkin Park on Sunday where he brought media up to speed with the case against his son.


“I want to thank the group Anonymous for the beautiful gift they have given me — the proof of my son’s innocence,” he said.


The man read an e-mailed statement on behalf of Aerith who proclaimed the Conservative Party of Canada’s website was among the next ones to be targeted, along with parl.gc.ca.


“We are helping the youth clear his name,” read the statement.


“He was framed. We will be disclosing documents in the coming days.”


Broken light bulb


At the press conference, the father showed a photo of a broken light bulb with what he claimed was a listening device found inside.


Ottawa Police Chief Charles Bordeleau said he wouldn’t comment on the photo, except to say it “looks like a light bulb.”


He wouldn’t say if Ottawa police use listening devices and if the device shown is in fact a listening device.


Aerith said that Anonymous tipped the father off about the listening devices because police e-mails had been intercepted.

Hacker threatens Toronto cops and city website | Home | Toronto Sun

Hackers vow 'complete rape' of Ottawa cop website
By Doug Hempstead, Ottawa Sun
First posted: Sunday, November 23, 2014 01:28 PM EST | Updated: Sunday, November 23, 2014 05:35 PM EST
OTTAWA -- The hacker who claims to have shut down the Ottawa police website most of the weekend plans to "completely rape" the site -- and many more.


Going by the name Aerith, he refers to "we" when speaking about the actions.


"We killed ottawapolice.ca with a denial of service," he said.


A "denial of service attack" happens by loading a web page multiple times to crash a server and get it offline.


Noted expert on the hacker group Anonymous, Gabriella Coleman said "DDos (distributed denial-of-service) campaigns" are easy to achieve -- a string of "zombie computers" are linked together to repeatedly open a particular website.


This service can be rented by hackers for about $20 a day, she said.


QMI Agency received a letter Nov. 12 which stated this is exactly what would happen.


"We will launch large DDoS campaigns at all governments, police forces. We will also hack into anything and everything," the note warned.


Aerith has also taken responsibility for the City of Ottawa site switching to a black screen Friday night, with an image of a dancing banana and a threatening message toward an Ottawa cop.


Around noon Saturday police said they had no evidence their website or systems had been compromised, and operations were continuing as normal.


Coleman said DDos campaigns are "low-level" stuff. Even the dancing banana defacement is easy to achieve.


"It's like graffiti," she said.


"Our investigative team alongside our information technology experts are working on identifying the source of the technical problems that occurred last (Saturday) night. Our network remains secure," Chief Charles Bordeleau said a brief statement issued Sunday morning.


The Supreme Court of Canada site was also down Saturday night but was restored shortly before 10 a.m. Sunday.


The city's website was taken down altogether and had to be restored, and reappeared by Saturday morning. A statement was released that afternoon.


"Ottawa.ca has now been restored, however, there may be delays in refresh times for some Internet service providers. We are confident that no corporate or resident information was compromised as a result of the breach. Issues were related to a third party service provider and have since been resolved. Residents can continue to access city services by contacting 311."


Aerith's Twitter account -- which indicated, likely falsely, that he/she was based in Turkey -- was suspended early Sunday but a new one was created later in the afternoon.


It was being used as a means for the suspected hacker to communicate with media as well as explaining future plans for other targets.


Those targets included the Toronto police website and "Aerith" told QMI Agency a high-profile display of hacking is planned for Monday, part of what has been called Operation Soaring Eagle.


doug.hempstead@sunmedia.ca


Twitter: @DougHempstead
Ottawa Police Service. (QMI Agency File Photo)

Hackers vow 'complete rape' of Ottawa cop website | Ontario | News | Toronto Sun

 

[Liberalman]

Post office mail is harder to hack.

 

[spaminator]

Syrian Electronic Army hacks CBC, other news sites
QMI Agency
First posted: Thursday, November 27, 2014 08:57 AM EST | Updated: Thursday, November 27, 2014 11:55 AM EST
The Syrian Electronic Army claimed responsibility for hacking numerous news websites Thursday morning, including sites for CBC News and U.K. publications OK Magazine, The Guardian and The Independent.
Some users would get a blank screen and a pop up window stating, "You've been hacked by the Syrian Electronic Army," and were then redirected to the group's logo, an image of an eagle bearing the Syrian flag and a message in Arabic.

The SEA is an amorphous hacker collective that supports Syrian President Bashar al-Assad. The group posted on its Twitter feed: "Happy thanks giving, hope you didn't miss us! The press: Please don't pretend #ISIS are civilians. #SEA"

"A part of our website run by a third-party was compromised earlier today," The Telegraph said on its official Twitter feed. "We've removed the component. No Telegraph user data was affected."

SEA has targeted The New York Times, the BBC and Microsoft sites in the past, as well as Twitter accounts of other media organizations.
Syrian Electronic Army hacks CBC, other news sites | News | Tech | Toronto Sun

 

[B00Mer]

The Secure Shell (SSH) Protocol by default uses port 22, they need to just change the port to something obscure and that only the server admin knows and they are out of luck.

Also, change all passwords using $, #, or @ in them and update scripts so there are no script vulnerabilities...

Then the Syrian Army can go packing.

 

[Canbyte]

Why hack a website? To show I can or to make others worry unnecessarily are often the only reasons.

 

[B00Mer]

Why hack a website? To show I can or to make others worry unnecessarily are often the only reasons.

asked and answered.

Why Do Hackers Hack Websites?? | Website Guardian | Protect Your Website From Hackers

 

[spaminator]

Hacker strikes Ontario government website
QMI Agency
First posted: Saturday, December 13, 2014 12:06 AM EST | Updated: Saturday, December 13, 2014 12:50 AM EST
TORONTO -- The Ontario government's website -- ontario.ca -- appeared to be the victim of a hacker attack for a couple of hours on Friday evening.
Around 9 p.m. ET Friday, people began to report on Twitter that a video for MC Hammer's 1990 hit "Can't Touch This" appeared on the ontario.ca website, along with a name and photo of a young boy and a message saying, "follow my f------ twitter or ill (sic) f------ dox ur ssns."
"Dox" is a reference to taking personal information from the Internet, and "SSNS" appears to be a reference to "social security numbers" used in the U.S.
CBC News reported Friday evening that they contacted the boy whose name and photo appeared on the website and that he denied any involvement.
The boy claimed someone who had been bullying him was behind the attack, CBC News said.
The Ontario government said no personal information was accessed or affected during the hack.
"A 3rd party domain routing traffic to ontario.ca was hacked -- not the govt's websites," the provincial government's press office tweeted. "No personal info or govt data was compromised."
The website appeared to be back to normal by late Friday evening.
- With files from David Akin
The Ontario government's website -- ontario.ca -- appeared to be the victim of a hacker attack for a couple of hours on Friday evening. A boy, whose name and photo appeared on the website, denied any involvement in the attack and claimed he was the victim of a bully. (David Akin/Twitter)

Hacker strikes Ontario government website | Ontario | News | Toronto Sun

 

[spaminator]

Anonymous claims responsibility for attack on Canadian government websites
Jim Bronskill, The Canadian Press
First posted: Wednesday, June 17, 2015 02:35 PM EDT | Updated: Wednesday, June 17, 2015 08:30 PM EDT
OTTAWA - No personal information was compromised during a cyberattack that temporarily crippled some federal government websites, says Public Safety Minister Steven Blaney.
The Anonymous online collective claimed responsibility for the attack -- which shut down several federal sites and played havoc with email -- as a protest against the recent passage of the federal anti-terrorism bill.
Early Wednesday afternoon, Treasury Board President Tony Clement tweeted that until full service was restored, the public should use 1-800-OCanada.
Several hours of government silence on the incident, known as a denial of service attack, followed.
The federal Cyber Incident Response Centre, which routinely publishes alerts and advisories, posted nothing about the events.
"We are working on restoring services as soon as possible," said a brief, late-afternoon statement from Dave Adamson, the government's acting chief information officer.
"We continue to be vigilant in monitoring any potential vulnerabilities."
Denial-of-service attacks, which bombard a site with traffic, are a common means of shutting down a web server.
Anonymous has carried out cyberattacks against governments, corporations and others in the name of free speech, Internet liberties and anti-capitalist causes.
There was no immediate confirmation that the loosely knit coalition was actually behind the assault on federal sites.
However, Blaney said there were no excuses for such an attack, noting "law-enforcement agencies" were looking into the matter.
"We are living in a democracy," Blaney said. "And there are many ways to express your views."
The incident follows a high-profile hacking of the National Research Council last year -- an episode the federal government blamed on a Chinese state-sponsored player. Beijing has denied involvement, accusing Canada of making irresponsible accusations.
Assaults that crippled computer systems at the Finance Department and Treasury Board in 2010 were linked to efforts -- possibly originating in China -- to gather data on the potential takeover of a Canadian potash company.
The government stresses it has since invested energy and millions of dollars in a national cybersecurity strategy.
"Cybersecurity is an issue that we take very seriously," Blaney said.
Two members of Anonymous sporting Guy Fawkes masks. AFP PHOTO/JOHANNA LEGUERRE

www.youtube.com/watch?v=gb2LT312DeA
Anonymous claims responsibility for attack on Canadian government websites | Can

 

[spaminator]

RCMP national website goes offline, Anonymous claims responsibility
THE CANADIAN PRESS
First posted: Sunday, July 19, 2015 03:28 PM EDT
OTTAWA -- The RCMP's website is down, but the cause is not clear.
However it comes a day after the cyber group Anonymous vowed to target the force to raise awareness about an RCMP officer involved in a shooting incident in B.C.
Anonymous has no identifiable leadership but online posters who say they're members have claimed responsibility in the past for hacking incidents including the shutdown of the city of Cleveland's website last fall.
Public Safety Minister Stephen Blaney's office and the Mounties did not immediately respond to questions about the RCMP website.
The website of Canada's spy agency, the Canadian Security Intelligence Service, was recently taken down by a cyberattack.
Police in the northern B.C. community of Dawson Creek shot and killed a man last Thursday who they say refused to comply with directions.
Social media posts claim the man was affiliated with Anonymous.
RCMP national website goes offline, Anonymous claims responsibility | Canada | N

 

[taxslave]

Time to see if bill C51 has any teeth.

 

[WLDB]

Meh, I only go on that site about once a year anyway.

 

[spaminator]

Public service labour board website hacked
THE CANADIAN PRESS
First posted: Monday, July 27, 2015 04:13 PM EDT | Updated: Monday, July 27, 2015 04:18 PM EDT
OTTAWA -- Hackers have broken into the network of the tribunal that adjudicates disputes between public servants and the federal government.
The website of the Public Service Labour Relations and Employment Board has been down since Friday after security officials discovered hackers had exploited a weakness to get into the tribunal's public network.
It's not known how long the hackers were in the system, or exactly what -- if anything -- they took during the breach, which was discovered last Thursday.
A spokeswoman for the Administrative Tribunals Support Service of Canada says the board's public network has been taken offline as a precaution and officials are trying to get the site back online as soon as possible.
Catherine Wright-Cadieux didn't say whether any personal information had been lost in the breach.
A spokeswoman for the federal privacy commissioner says the office was made aware of the breach Friday.
The Conservatives have placed a premium on protecting federal systems from hackers who routinely attack government systems looking for state secrets. Some attacks target weaknesses in smaller agencies in hopes of gaining access to wider federal networks.
Often, hackers can be inside a network for weeks or months before the breach is discovered.
The website of the Public Service Labour Relations and Employment Board has been down since Friday. (pslreb-crtefp.gc.ca screengrab)

Public service labour board website hacked | News | Tech | Toronto Sun

 

[spaminator]

Peel police Twitter account hacked
By Joe Warmington, Toronto Sun
First posted: Tuesday, May 31, 2016 07:23 AM EDT | Updated: Tuesday, May 31, 2016 07:30 AM EDT
Who is Keemstar and where is he or she hiding?
Peel Regional Police is working hard on the answer to both questions.
"Earlier this evening, Peel Regional Police's Twitter account, @peelpolicemedia, was hacked by an unknown party," confirmed Sgt. Josh Colley Monday night.
Of course, this was already widely known since people who follow the account saw someone with the handle Keemstar tweeting anti-police and vulgar posts.
Peel police wanted to reach out to the public to make it clear that they and their followers were victimized in this situation.
Needless to say, Peel police are not amused.
"The posts that were made during this time do not represent the beliefs or views of Peel Regional Police," said Colley. "We apologize for this inconvenience and we are investigating this incident."
You better believe they are. They not only have experts on cyber crimes, but they also teach the subject.
It could make for a sleepless few nights for whoever did the hacking.
But first things first. They had to get the vile postings off the Internet and that was done by pulling their Twitter account.
"The account has been deactivated and we will be up and running shortly so we can reconnect with all of our Twitter followers," said Colley.
And that includes you Keemstar - although the connection may involve handcuffs in your case.
As of Tuesday morning, the account was still not active.
Peel Regional Police's Twitter account was hacked Monday night.

Peel police Twitter account hacked | Toronto & GTA | News | Toronto Sun

 

[B00Mer]

This seems a bit more worrisome
Russian hackers hijack webcams worldwide — including at least four in Ottawa | Ottawa Citizen
Have you checked your webcam lately?

Hackers have created a website to hijack the webcam feeds of more than 73,000 people, including hundreds from Canada — and apparently at least four from Ottawa — and are sharing those video feeds with peeping Toms the world over.

The hackers’ website, believed to be based in Moscow, has collected live feeds from webcams around the world, showing the daily goings on within people’s homes, daycares, businesses and thousands of other locations. The site has 243 webcams that it claims originate in Canada.

One camera, which has geolocation data claiming that it originates in Orléans, shows the inside of someone’s kitchen where a load of groceries appears to have been dumped on the countertop. Another, located in a person’s apartment downtown, showed an orange-clad woman sitting at a table for a good part of the afternoon. A third simply monitors an Ottawan’s front driveway, while the fourth stands guard over somebody’s back door.

Ottawa wasn’t hit as hard as many other cities. One hacked camera in Arizona was tapped into a daycare showing the daily activities and napping routine of a group of toddlers.

The hackers have been able to access the live feeds as a result of lax security practices by the webcam owners.

Well aren't they lucky, they can see me strutting around my apartment naked... Lucky hacker.

I use dlink

 

[spaminator]

‘The insider threat is difficult to detect’; Feds warn of potentially crippling cyberthreat
Jim Bronskil, THE ASSOCIATED PRESS
First posted: Friday, September 23, 2016 07:57 AM EDT | Updated: Friday, September 23, 2016 08:10 AM EDT
OTTAWA — Federal officials have quietly warned operators of electrical grids, transportation hubs and other key infrastructure of the cyberthreat from insiders who could unleash devastating viruses and cripple systems, internal government notes reveal.
Crucial networks that Canadians rely on for everyday needs face a “substantial threat” from rogue employees out to wreak digital havoc, warn the Public Safety Canada briefing notes.
“The insider threat is difficult to detect and can cause real damage.”
No special hacking skills are required, just a portable memory key loaded with a malicious code. As a result, it is important that organizations have the right security protocols and procedures, “for example by limiting access to systems only to those who genuinely need it.”
A federal briefing on the insider threat was delivered last December to leaders of the 10 most crucial infrastructure sectors, the notes say.
They point out that over 90 per cent of critical infrastructure — key to delivering everything from food and clean water to banking and health services — is controlled by the private sector and all of it is dependent in one way or another on information technology to operate. Many critical infrastructure sectors are interdependent, meaning a problem in one could have a “cascading impact” in others.
The notes, prepared earlier this year for Monik Beauregard, a senior assistant deputy minister at Public Safety Canada, were obtained by The Canadian Press under the Access to Information Act.
Beauregard is chairing a panel today on the global implications of the challenges to cybersecurity at an intelligence conference in Ottawa.
In addition, Greta Bossenmaier, the head of Canada’s electronic spy agency, the Communications Security Establishment, plans to discuss the various cyberchallenges the country faces.
The conference comes as the Liberal government undertakes a cybersecurity consultation that runs through mid-October. The overall aim is to identify gaps and opportunities, bring forward ideas to shape a renewed approach and capitalize on the advantages of new technology.
State-sponsored hackers, sophisticated criminals, cause-motivated hacktivists and people out to make mischief online all pose a threat, the government warns.
Public Safety is already working with critical infrastructure operators to prepare for the possibility of a major cyberattack on the Canadian electrical grid and telecommunications systems, the internal notes say.
Security officials call such an occurrence a “black swan” — a rare but devastating event that requires special attention due to the potential for massive losses should it happen.
‘The insider threat is difficult to detect’; Feds warn of potentially crippling

 

[spaminator]

Hydro One, RCMP probing possible cyber threat | Ontario | News | Toronto Sun

 

[EagleSmack]

Hydro One, RCMP probing possible cyber threat | Ontario | News | Toronto Sun

Damn Ye Russians!

 

[spaminator]

Feds need help tackling cyberthreats, internal report warns | Canada | News | To

 

[spaminator]

PC Plus collectors warned after some points stolen | Money | Toronto Sun