Metrolinx Claims To Be Hacked By North Korea

Friday, February 23, 2018 9:31 pm, Posted by Absolute Destruction

At the end of January, the Bulletin of the Atomic Scientists moved its symbolic Doomsday Clock forward by 30 seconds. With its minute hand now resting at two minutes to midnight, the clock suggests the apocalypse is nigh. The last time it was this close to midnight (i.e., the end of the world) was in 1953, at a time when both the US and Soviet Union were testing hydrogen bombs during the Cold War. Today, the organization cites the dire nuclear competition between North Korea and the US as the reasons why the apocalypse could be near in 2018.

The nuclear rhetoric shared by Trump and Kim-Jung Un is concerning though no longer surprising. If you’re like the crew at Absolute Destruction & Recycling you read the news expecting to see mentions North Korea. It doesn’t take long, as the nation state is often the focus of political articles. But it may come as a surprise to learn that North Korea is now linked to the GTA.

At the end of January, Metrolinx claimed it was the victim of a North Korean cyberattack. Its spokesperson, Anne Marie Aikins, would not give many details regarding the attack, but she would say no customer information was compromised. She also went on to say investigators believe the attack first started in North Korea before it was routed through Russia.

The Ontario transit agency has failed to go on to explain why they think North Korea is behind this most recent attack. With no evidence to back up this claim, Metrolinx has gained many critics. That’s because cybersecurity researchers usually find it difficult to successfully attribute the source of most cyberattacks. Because it’s so hard, researchers typically give proof when identifying a culprit — especially when these claims involve a nation state.

Some of Canada’s leading cybersecurity experts criticize object

Among its critics is Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation (EFF). When she spoke to the CBC, she said, “simply saying 'Hey, that's North Korea' with nothing to back it up, is not the sort of statement I would put a lot of faith in.”

The CBC also spoke to Mark Nunnukhoven, the vice president for the cybersecurity company, Trend Micro. He said that, “coming out publicly, saying it was a particular nation state, escalates the stakes for no apparent reason.”

Another critic is University of Toronto professor Ron Deibert. He told the Globe and Mail, “if North Korea was indeed responsible for the attack, that would be a major development necessitating a Government of Canada response, since Metrolinx is a Crown corporation."

Metrolinx’s cyberattack acts as an important reminder

As Metrolinx cooperates with investigators, the recent attack — regardless of its source — underlines the value of maintaining robust security measures. It also serves as an important reminder for our readers to confirm the strength of their own security measures. Though the attacks on Ontario infrastructure is in an entirely different echelon than any potential attacks targeting your small business, your enterprise needs to take its security policies seriously. As we mentioned before, it’s your legal responsibility to protect your customer’s PI.

Small businesses are often more vulnerable to attacks because they don’t have the same budget to support comprehensive security infrastructure as larger businesses. Some security experts suggest adopting cloud-based data storage software if you don’t have an experienced IT security department. This transfers all your data to remote servers maintained by a larger company, which means you aren’t responsible for implementing or maintaining security infrastructure on your own.

Another way to increase your business’ overall security is by ensuring you have the appropriate shredding schedule for your business’ paper and electronic output. If you aren’t sure how often our team should be shredding your confidential material, we can answer your questions about the frequency of your pick-ups. When our services match your needs perfectly, we can work together to make sure your obsolete paper files and electronic devices don’t pose as security risks.

If you’re a small business owner in the GTA, contact us to learn more. One of our friendly customer service representatives will arrange a convenient shredding schedule customized for your business. Together, we can close the chain of custody once and for all with reliable document destruction.

© 2018 Absolute Destruction. All rights Reserved.