Cyberattacks Archives - IPOsgoode /osgoode/iposgoode/tag/cyberattacks/ An Authoritive Leader in IP Wed, 11 May 2022 16:00:00 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 Cybersecurity Attacks—War of a New Era /osgoode/iposgoode/2022/05/11/cybersecurity-attacks-war-of-a-new-era/ Wed, 11 May 2022 16:00:00 +0000 https://www.iposgoode.ca/?p=39538 The post Cybersecurity Attacks—War of a New Era appeared first on IPOsgoode.

]]>
Tianchu Cybersecurity

Photo by Michael Dziedzic ()

HeadshotTianchu Gao is an IPilogue Writer and a 1L JD Candidate at Osgoode Hall Law School.

Cybersecurity has become a major battlefield in the war between Russia and Ukraine. Even before Russia invaded Ukraine on February 24th, it had launched waves of cybersecurity attacks on a range of important social sectors of Ukraine. ÌýThe attacks in January focused on governmental websites. According to Ukraine officials, Russia had taken down around Ukraine government websites, including the central institutions such as the Cabinet of Ministers and the Security and Defense Council.

By February, brought down the websites of Ukraine’s defense ministry, army, and two largest banks: Ìý²¹²Ô»åÌý. Russia used a sophisticated that reached hundreds of computers from different organizations in Ukraine, including the defense, aviation, finance, and IT service sectors.Ìý Although Russia never officially admitted it, believe that the Russian government is behind the groups that launched these attacks.

Quad9, a domain name system platform, detected attacks against computers and phones in Ukraine on March 9th alone. According to cybersecurity expert , Ukrainians are experiencing increasing numbers of phishing and malware attacks during the war.

The Ukraine government responded to the attacks with support from and . The NATO Cooperative Cyber Defense Center of Excellence at Tallinn, Estonia, collaborates with Ukraine to strengthen its national cyber security. The EU had deployed a rapid-response team of ten cybersecurity experts from six different countries to help Ukraine mitigate the effects of the cyberattacks.

In addition to state actors, large private companies have lent Ukraine critical support. For instance, is helping Ukraine with cybersecurity. announced on April 7th that it had disrupted cyberattacks from Russia targeting Ukraine and organizations in the United States and Europe. Its representative claims that Microsoft can observe Russia’s attack on the Ukraine government and infrastructure since the beginning of the invasion. Microsoft works closely with the Ukrainian government and other organizations to help them defend against the onslaught. Another example is , a space exploration tech company. It provides civilians and tech companies in Ukraine access to the Internet via satellite in rural or disconnected areas.

Private companies, especially tech giants, have been unprecedentedly active in interstate warfare. As cybersecurity becomes an increasingly important part of national security, big tech companies are likely to have more power and a higher level of involvement in global conflicts. While this change may benefit the public interest, it inevitably calls for more scrutiny and regulation.

The post Cybersecurity Attacks—War of a New Era appeared first on IPOsgoode.

]]>
Phishing 101: What is Phishing? /osgoode/iposgoode/2020/09/03/phishing-101-what-is-phishing/ Fri, 04 Sep 2020 00:46:46 +0000 https://www.iposgoode.ca/?p=35834 The post Phishing 101: What is Phishing? appeared first on IPOsgoode.

]]>
Phishing is one of the seven common types of s. The others are malware, man-in-the-middle attacks (MitM), denial-of-service attacks (DDoS), SQL injection, zero-day exploit and DNS Tunneling. The is for the victim to hand over sensitive information by revealing important data like their username and password, or for the individual to download malware.

The phishing attackers and their email addresses, so it appears to come from a trustworthy source. They may also include links that redirect users to fake websites masked as legitimate web pages, where users are prompted to share confidential information. Phishing may also come in the form of text messages that appear to come from your or delivery companies. Thus, not only should you not provide your personal information, but you should also not click on links inside texts from numbers that you do not recognize, as that you may unknowingly download a malware program.

Moreover, in addition to coming from trustworthy sources, phishing attacks may also rely on . For instance, emails may include subject lines warning the individual about their compromised and urging them to provide their information fast. Perhaps that’s one of the reasons why during the COVID-19 crisis. There are , including carefully investigating the , that try to alarm or confuse, and However, it is important to state that these attackers, their technologies, and the social engineering techniques they deploy are also to put off the counter-cybersecurity protection.

Phishing attacks use social engineering, which typically involves some form of of the target into opening infected documents or providing personal information. Humans are the , and social engineering techniques are applied to take advantage of human error and negligence. Before the attack, cyber-criminals can prepare by collecting information on their targets for some time. They may research the individual by sites like LinkedIn or Facebook. Attackers use the information they collect on known interests of the target to to entice the target to click on malware-laced attachments. For instance, if the hacker gains access to the information that the target is a huge fan of a certain artist, the hacker may offer discounted tickets in the email.

For example, in 2016 and 2017, devastating cyberattacks named and the new variant were deployed. The attack the Ukrainian power grid, banking systems, and government agencies. The attackers used the employees of the bank and government to download a seemingly innocent Microsoft Word document that had malware. The was purporting to be a job applicant’s resume, which allowed the hackers to make admin-level changes once opened. This example demonstrates how attackers targeted due to their unique need to open attachments from unknown sources, and subsequently personalized their attacks.

Therefore, it is important to create among individuals, employees, and businesses to enable them to identify and avoid these threats. This security awareness training needs to encourage and transparency. Appropriate such as antivirus protection, download and acceptable use policies, data access policies, data back-up policies and encryption frameworks must be fully integrated into the ÌýMoreover, individuals and employees must they share on social media to limit the resources available to the attackers. Lastly, employees must be clearly instructed on how to once they have identified it.

To conclude, phishing attacks can significantly damage the businesses legally and financially, as it may diminish the operations, productivity, and integrity of data of businesses. Phishing can further lead to the public disclosure of embarrassing or damaging emails, causing loss of reputation and the public trust, which . Therefore, it is fundamental that cybersecurity awareness must be embedded in the company culture and prioritized, among other operational and legal risk management practices.

Written by Elif Babaoglu, a third year law student at Osgoode Hall Law School and an information privacy and cybersecurity enthusiast.

Ìý

The post Phishing 101: What is Phishing? appeared first on IPOsgoode.

]]>