Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Canada Security

Government of Canada's Plan To Improve Cybersecurity? Be Less Attractive (eweek.com) 112

darthcamaro writes: Though Justin Trudeau is the envy of many world leaders for his likeability, the head of of the Canadian Centre for Cyber Security at the Canadian Security Establishment (CSE), which helps to protect federal government networks says that his agency is trying to make Canada less attractive -- to hackers.

Speaking at the SecTor conference in Toronto Scott Jones said:
"By doing the basics, you're making the adversaries that come after you deploy more advanced tools and techniques, and you just might not be worth the expense," Jones said. "My ultimate goal is to make Canada unattractive to cyber-criminals and data hackers, because our community is vigilant and engaged so much so that threat actors aren't enticed to even attack us."

This discussion has been archived. No new comments can be posted.

Government of Canada's Plan To Improve Cybersecurity? Be Less Attractive

Comments Filter:
  • Trust me, I've been turning in Russian bot nets for years, and they are actually more prevalent on Canadian social media than on American social media.

    Best practice is convert to renewables faster, and crush them by destroying their export markets.

    • by alvinrod ( 889928 ) on Tuesday October 02, 2018 @04:10PM (#57413626)
      That would probably have the opposite effect. No one in Russia would be part of troll farm companies that are designed to influence opinions if they had better alternatives for earning an income. Part of the reason that's an issue is because even though Russia cast off the Soviet-era central planning, the oligarchy that replaced it has no interest in embracing free market ideals when it might challenge their control, but another issue is that the rest of the world has sanctioned Russia to the extent that it makes it difficult for legitimate commerce to occur. Naturally, this means an expanse in shady (or outright illegal) enterprise.

      If you think that trying to punish them economically will crush them, remember that Russians managed the longest run of any Communist country and the self-inflicted economic misery it brings. They're too proud to capitulate to western demands and they've been through worse economically and within recent memory for many of their citizens. Open up markets to them and create better economic opportunity and many of them are likely to act on that. It won't eliminate the troll farms, but it will make them more expensive, or subject them to outsourcing.
      • Interesting arguments.

        I don't know, I did my time under Reagan, and we were all about the economic crushing of Russia. It worked pretty darned well, too. We still have them running around in circles thinking we have death rays in the sky, the suckers.

        • Nationalist uprisings have killed the USSR, not Reagan. He just took the credit.

          • Until petro-exports started to make money, the USSR was trading potatoes. Reagan, for all of his crap, outspent the USSR and sucked up its resources in military spending.

            The uprisings were the result of not being able to feed people, crappy bureaucracy, and horrific infrastructure. There was no money, the common denominator towards the equivalent of a $2.50/hr wage. Great masses of people were just fed up with it.

            Party members were elevated to a pseudo-status of wealth. They weren't really rich, but they fa

            • Until petro-exports started to make money, the USSR was trading potatoes. Reagan, for all of his crap, outspent the USSR and sucked up its resources in military spending.

              The uprisings were the result of not being able to feed people, crappy bureaucracy, and horrific infrastructure. There was no money, the common denominator towards the equivalent of a $2.50/hr wage. Great masses of people were just fed up with it.

              This. The USSR fell because it was broke. Of course, so was the USA, but it had better credit standing.

              Reagan may not deserve the credit, but one must give a nod to him and Gorbachev for shaking hands and ending the Cold War. I think that helped.

              I think the Canadians are fooling themselves. Hackers like a challenge.

              White-hat hackers perhaps. But black-hat hackers (aka crackers) are thieves, and generally thieves are lazy.

            • Until petro-exports started to make money, the USSR was trading potatoes.

              Nope. More like wheat, steel, lumber and tanks. It was not a very export oriented country, most of its production was for internal consumption only.

              Reagan, for all of his crap, outspent the USSR and sucked up its resources in military spending.

              Again, nope. What sucked up its resources in the late 1980s was Chernobyl, a devastating earthquake in Armenia and what amounted to two civil wars. One of them, in fact, still sort of goes on [wikipedia.org] in

      • by rtb61 ( 674572 )

        Kind of makes no sense as most attacks still come out of the US, so how will they help any one else. If they wanted security, they would establish treaties so as to source the attack to the actual perpetrator, rather than just another link on the route but one they can not see beyond.

        Reality is most attacks are now automated, unless there is a particular interest in a particular location. Banks have been pretty secure for decades, they spend the money, governments have not been secure, they go for the low

      • > No one in Russia would be part of troll farm companies that are designed to influence opinions they had better alternatives for earning an income.

        I note that Americans have better alternatives for earning and income, yet they are part of troll farms designed to influence opinions. See the trolling posted with every Slashdot story. :D

        On a more serious note, you're right they HAVE been through really tough economic times hastened by the United States, in relatively recent memory. It that economic isolati

        • by rtb61 ( 674572 )

          The reason of course why influence trolls are so recognisable on slashdot is of course low IQ compared to the slashdot norm. So troll farms will exist where ever there are lazy low IQ trolls to employ on minimum wage. As for hacking out of Russia, it is the logical move in the west to rent a server in Russia to attack any western target because of the idiocy at the top, no treaty and as long as you are not hacking Russian companies, Russian security services wont give much of a fuck, so it makes sense to ro

      • by Tom ( 822 )

        If you think that trying to punish them economically will crush them, remember that Russians managed the longest run of any Communist country and the self-inflicted economic misery it brings. They're too proud to capitulate to western demands and they've been through worse economically and within recent memory for many of their citizens. Open up markets to them and create better economic opportunity and many of them are likely to act on that. It won't eliminate the troll farms, but it will make them more expensive, or subject them to outsourcing.

        Also remember that the West does not utterly dominate world trade anymore.

        When European products disappeared from the shelves in Russia, there were empty shelves for a few weeks. Then they filled back up with asian products. A new trade deal was made with China. The rubel which had fallen to almost 1:100 to the Euro recovered back to 1:60 (the best course I remember is 1:45, so 1:60 is almost pre-sanction levels).

        The sanctions harm Europe more than Russia. A lot of Greece farmers saw their exports disappear

  • by Oswald McWeany ( 2428506 ) on Tuesday October 02, 2018 @03:25PM (#57413284)

    If being unattractive is the key to better cybersecurity no one has better cyber security than me.

  • by Sebby ( 238625 ) on Tuesday October 02, 2018 @03:30PM (#57413328)

    "Government of Canada's Plan To Improve Cybersecurity? Be More Proactive"

    There, FTFY

  • I'll ignore the feasibility discussion for the moment, as I have another commentary in mind:

    The idiom I'm referencing in the Subject is actually, "One man's meat is another man's poison," but I would like to suggest that perhaps sometimes it goes the other way around. If the government of Canada were to actually succeed in making their online infrastructure more difficult to attack, then there are people of a certain type of personality who will take that as a personal challenge, and as such, they will put

    • But they're not really talking about doing anything special or interesting. They're talking about doing the boring stuff, that everyone should do. At least as it's talked about in the summary and article, they're doing the security equivalent of brushing their teeth—it's not very flashy, but it prevents a lot of problems before they start. It's just a necessary, boring step to protect the network. Take sites off the internet that don't need to be on the internet is a boring-ass solution to a problem,

      • Sadly, you're probably right. I say sadly, because what you describe should be the norm. It obviously isn't... but it should be.
  • I have this debate with my friends all the time.. a great example of our superficial and soundbite-based society. If world leaders are enviable of Justin Trudeau, perhaps that's a sign we need more Trumps and not less. He has nice hair but lacks substance; the amount of foreign investment in Canada has dove to levels not seen since the depths of the worst recession in decades since Trudeau was elected. Meanwhile, the business-friendly administration of Trump is eating our lunch and resulting in real-life
    • by WillAffleckUW ( 858324 ) on Tuesday October 02, 2018 @03:47PM (#57413452) Homepage Journal

      While "world leaders" are focused on Trudeau's hair and nice sounding platitudes of diversity and at the same time apoplectic at whatever Trump's latest tweet is, he's running circles around us in advancing their interests. I'd trade Trudeau for Trump any day of the week, perhaps it's because I don't case so much for his personal views or the daily rage of mainstream media misinterpreting his comments.

      Um, dude, Trudeau tricked Trump into signing a NAFTA plus TPP deal with some TPIP thrown in.

      It's called "winning". Yes, I know, Orange Jesus has you believing Losing Badly is "winning", but in Canada, winning is "winning".

      • Tricked? Do you even know what you're talking about? Any trade agreement, but *especially* one with IP provisions (which the TPP and the new USMCA is heavy in) will massively favor the US. This isn't even slightly a surprise - while most manufacturing has moved from the US, they still own a majority of IP. It almost seems to be the sole driver and main focus of any trade deal they do nowadays. Tricked by Trudeau, LOL! Here's some more reading from Michael Geist in support: Canada capitulates on copyrig [thestar.com]
  • because our community is vigilant and engaged so much so that threat actors aren't enticed to even attack us."

    Real hackers will see a vigilant and engaged target as more of a challenge...

    Criminals won't care so long as there's still some kind of payoff. If you want to be less attractive to criminals, turn canada into a poor third world country. Criminals won't bother to attack someone who hasn't got any money, bandwidth or processing power.

  • by commodore64_love ( 1445365 ) on Tuesday October 02, 2018 @03:55PM (#57413518) Journal

    "be more vigilant" doesn't actually mean anything. What will you actually DO Mister Trudeau? - (insert sounds of giant Horse Flies biting your legs)

  • I put naked pictures of myself in folders labeled "Bank Details". It's easy to track down the hackers because of the screams, white hair and babbling about "Shub Niggurath".
  • 1. Stop allowing 2009 consumer operating systems to store unencrypted data.
    2. Ensure any AV software approved is still working and gets needed updates in 2019.
    3. Use tested and trusted encryption on networks so any data accessed is useless.
    4. Hire staff on merit so they have the computer skills to look after the networks they are responsible for.
  • Security through obscurity... never a good plan.
  • Doing "the basics" should be among the first steps taken in any security plan. This will probably put their systems out of each of most casual hackers. Won't be sufficient for any directed attacks, hopefully they continue to do more than "basics". Proper security requires continuous action, not just one pass.

  • ...can start by not making e2e/crypto illegal.

C makes it easy for you to shoot yourself in the foot. C++ makes that harder, but when you do, it blows away your whole leg. -- Bjarne Stroustrup

Working...