Government of Canada's Plan To Improve Cybersecurity? Be Less Attractive (eweek.com) 112
darthcamaro writes: Though Justin Trudeau is the envy of many world leaders for his likeability, the head of of the Canadian Centre for Cyber Security at the Canadian Security Establishment (CSE), which helps to protect federal government networks says that his agency is trying to make Canada less attractive -- to hackers.
Speaking at the SecTor conference in Toronto Scott Jones said:
"By doing the basics, you're making the adversaries that come after you deploy more advanced tools and techniques, and you just might not be worth the expense," Jones said. "My ultimate goal is to make Canada unattractive to cyber-criminals and data hackers, because our community is vigilant and engaged so much so that threat actors aren't enticed to even attack us."
Speaking at the SecTor conference in Toronto Scott Jones said:
"By doing the basics, you're making the adversaries that come after you deploy more advanced tools and techniques, and you just might not be worth the expense," Jones said. "My ultimate goal is to make Canada unattractive to cyber-criminals and data hackers, because our community is vigilant and engaged so much so that threat actors aren't enticed to even attack us."
Um, it won't work (Score:2)
Trust me, I've been turning in Russian bot nets for years, and they are actually more prevalent on Canadian social media than on American social media.
Best practice is convert to renewables faster, and crush them by destroying their export markets.
Re:Um, it won't work (Score:5, Insightful)
If you think that trying to punish them economically will crush them, remember that Russians managed the longest run of any Communist country and the self-inflicted economic misery it brings. They're too proud to capitulate to western demands and they've been through worse economically and within recent memory for many of their citizens. Open up markets to them and create better economic opportunity and many of them are likely to act on that. It won't eliminate the troll farms, but it will make them more expensive, or subject them to outsourcing.
Re: (Score:2)
Interesting arguments.
I don't know, I did my time under Reagan, and we were all about the economic crushing of Russia. It worked pretty darned well, too. We still have them running around in circles thinking we have death rays in the sky, the suckers.
Re: Um, it won't work (Score:2, Informative)
Nationalist uprisings have killed the USSR, not Reagan. He just took the credit.
Re: (Score:3)
Until petro-exports started to make money, the USSR was trading potatoes. Reagan, for all of his crap, outspent the USSR and sucked up its resources in military spending.
The uprisings were the result of not being able to feed people, crappy bureaucracy, and horrific infrastructure. There was no money, the common denominator towards the equivalent of a $2.50/hr wage. Great masses of people were just fed up with it.
Party members were elevated to a pseudo-status of wealth. They weren't really rich, but they fa
Re: (Score:2)
Until petro-exports started to make money, the USSR was trading potatoes. Reagan, for all of his crap, outspent the USSR and sucked up its resources in military spending.
The uprisings were the result of not being able to feed people, crappy bureaucracy, and horrific infrastructure. There was no money, the common denominator towards the equivalent of a $2.50/hr wage. Great masses of people were just fed up with it.
This. The USSR fell because it was broke. Of course, so was the USA, but it had better credit standing.
Reagan may not deserve the credit, but one must give a nod to him and Gorbachev for shaking hands and ending the Cold War. I think that helped.
I think the Canadians are fooling themselves. Hackers like a challenge.
White-hat hackers perhaps. But black-hat hackers (aka crackers) are thieves, and generally thieves are lazy.
Re: (Score:2)
Nope. More like wheat, steel, lumber and tanks. It was not a very export oriented country, most of its production was for internal consumption only.
Again, nope. What sucked up its resources in the late 1980s was Chernobyl, a devastating earthquake in Armenia and what amounted to two civil wars. One of them, in fact, still sort of goes on [wikipedia.org] in
Re: (Score:2)
Kind of makes no sense as most attacks still come out of the US, so how will they help any one else. If they wanted security, they would establish treaties so as to source the attack to the actual perpetrator, rather than just another link on the route but one they can not see beyond.
Reality is most attacks are now automated, unless there is a particular interest in a particular location. Banks have been pretty secure for decades, they spend the money, governments have not been secure, they go for the low
Slashdot proves otherwise (Score:2)
> No one in Russia would be part of troll farm companies that are designed to influence opinions they had better alternatives for earning an income.
I note that Americans have better alternatives for earning and income, yet they are part of troll farms designed to influence opinions. See the trolling posted with every Slashdot story. :D
On a more serious note, you're right they HAVE been through really tough economic times hastened by the United States, in relatively recent memory. It that economic isolati
Re: (Score:2)
The reason of course why influence trolls are so recognisable on slashdot is of course low IQ compared to the slashdot norm. So troll farms will exist where ever there are lazy low IQ trolls to employ on minimum wage. As for hacking out of Russia, it is the logical move in the west to rent a server in Russia to attack any western target because of the idiocy at the top, no treaty and as long as you are not hacking Russian companies, Russian security services wont give much of a fuck, so it makes sense to ro
Re: (Score:2)
If you think that trying to punish them economically will crush them, remember that Russians managed the longest run of any Communist country and the self-inflicted economic misery it brings. They're too proud to capitulate to western demands and they've been through worse economically and within recent memory for many of their citizens. Open up markets to them and create better economic opportunity and many of them are likely to act on that. It won't eliminate the troll farms, but it will make them more expensive, or subject them to outsourcing.
Also remember that the West does not utterly dominate world trade anymore.
When European products disappeared from the shelves in Russia, there were empty shelves for a few weeks. Then they filled back up with asian products. A new trade deal was made with China. The rubel which had fallen to almost 1:100 to the Euro recovered back to 1:60 (the best course I remember is 1:45, so 1:60 is almost pre-sanction levels).
The sanctions harm Europe more than Russia. A lot of Greece farmers saw their exports disappear
I have the best Security of all (Score:4, Funny)
If being unattractive is the key to better cybersecurity no one has better cyber security than me.
Re: (Score:2)
"You don't have to outrun the bear, just the other guy."
Better title: (Score:3)
"Government of Canada's Plan To Improve Cybersecurity? Be More Proactive"
There, FTFY
One man's poison... (Score:2)
I'll ignore the feasibility discussion for the moment, as I have another commentary in mind:
The idiom I'm referencing in the Subject is actually, "One man's meat is another man's poison," but I would like to suggest that perhaps sometimes it goes the other way around. If the government of Canada were to actually succeed in making their online infrastructure more difficult to attack, then there are people of a certain type of personality who will take that as a personal challenge, and as such, they will put
Re: (Score:2)
But they're not really talking about doing anything special or interesting. They're talking about doing the boring stuff, that everyone should do. At least as it's talked about in the summary and article, they're doing the security equivalent of brushing their teeth—it's not very flashy, but it prevents a lot of problems before they start. It's just a necessary, boring step to protect the network. Take sites off the internet that don't need to be on the internet is a boring-ass solution to a problem,
Re: (Score:2)
Envy? Misplaced priorities.... (Score:1)
Re:Envy? Misplaced priorities.... (Score:5, Insightful)
While "world leaders" are focused on Trudeau's hair and nice sounding platitudes of diversity and at the same time apoplectic at whatever Trump's latest tweet is, he's running circles around us in advancing their interests. I'd trade Trudeau for Trump any day of the week, perhaps it's because I don't case so much for his personal views or the daily rage of mainstream media misinterpreting his comments.
Um, dude, Trudeau tricked Trump into signing a NAFTA plus TPP deal with some TPIP thrown in.
It's called "winning". Yes, I know, Orange Jesus has you believing Losing Badly is "winning", but in Canada, winning is "winning".
Re: (Score:2)
Less attractive? (Score:2)
because our community is vigilant and engaged so much so that threat actors aren't enticed to even attack us."
Real hackers will see a vigilant and engaged target as more of a challenge...
Criminals won't care so long as there's still some kind of payoff. If you want to be less attractive to criminals, turn canada into a poor third world country. Criminals won't bother to attack someone who hasn't got any money, bandwidth or processing power.
Empty words (Score:3)
"be more vigilant" doesn't actually mean anything. What will you actually DO Mister Trudeau? - (insert sounds of giant Horse Flies biting your legs)
I've been doing this for years (Score:2)
How to secure your nation (Score:2)
2. Ensure any AV software approved is still working and gets needed updates in 2019.
3. Use tested and trusted encryption on networks so any data accessed is useless.
4. Hire staff on merit so they have the computer skills to look after the networks they are responsible for.
Security through obscurity... (Score:2)
If you can get past the poorly worded headline... (Score:2)
Doing "the basics" should be among the first steps taken in any security plan. This will probably put their systems out of each of most casual hackers. Won't be sufficient for any directed attacks, hopefully they continue to do more than "basics". Proper security requires continuous action, not just one pass.
The Trudeau Government (Score:1)
Re: (Score:3, Informative)
Re: (Score:1)
I'm going to hold you to that promise.
Re:Here's another idea: (Score:5, Insightful)
Re: Here's another idea: (Score:1)
That! I was totally against poutine as itâ(TM)s usually done with disgusting powdered âgravyâ(TM), bad fries and what they call âoecheeseâ curds.
Go to a proper smokehouse or someone that actually cooks their own proper meals. Use real gravy made from real meat throw in proper fries and actual cheese curds and itâ(TM)s actually pretty effing delicious.
Re: (Score:3)
1. At least Canada has public healthcare for those without "fuck you money." Outcomes are better, life expectancies are longer than in the US. Who cares if you need to wait 6 months for cosmetic/orthopedic stuff if important surgery and procedures are nearly free?
2. Free speech? I'm not planning to deny the Holocaust, so why do reasonable restrictions on promoting Fascism and ethnic hatred matter to me?
3. Taxes - at least they pay for healthcare and infrastructure, not US military scumbaggery.
4. Groc
Re: (Score:2)
We would then be executing a great many people that became addicted to opiates due to an injury and following the advice of their doctor. My buddy is a psychologist and 9 out of 10 of his clinic's clients are addicts, three-quarters of whom became addicted under the care of a doctor for treatment of an injury or chronic pain.
I'm a Canadian that has never used recreational drugs (excepting alcohol) and has no plans to change. I'm pretty enthused about the upcoming change in legality for marijuana. It's not
Re: (Score:3)
Was there a poll or something?
Yeah, it was an election where we sent Harper off to live with the Saudis.
Re: (Score:2)
Who's "we?" You didn't vote in the Canadian election.
How do you know? I am a dual citizen. And a graduate of both a Canadian high school and a Canadian university, as well as a former Canadian Army Sergeant.
Re: Envy (Score:4, Funny)
..... and replaced him with a fruitcake.
No, that was America.
Re: (Score:2)
..... and replaced him with a fruitcake.
No, that was America.
The selection of PM Zoolander [pjmedia.com] is all on Canada. He's your "sweetmeat," and you're stuck with him, no regifting allowed.