Canada Post has reported a data breach to 44 of its businesses, with a potential impact on 950,000 receiving customers. The attack was the result of malware from malicious hackers.
The malware (‘malicious software’) was code developed by cyberattackers, designed to cause extensive damage to data and systems and to gain unauthorized access to a network. The origin of the attack is unknown.
The attack took the form of email notifications appearing to come from Canada Post. The messages indicated to recipients that they were expecting a shipped package and provided links where users could download the supposed shipping invoice. The links contained a malicious file named down4.exe.
Canada Post is the main postal operator for Canada, looking after the postal needs of 16.5 million Canadian residential and business addresses.
The mail corporation indicated that it “implemented proactive measures and will continue to take all necessary steps to mitigate the impacts.”
In addition, Canada Post said: “Shipping manifests are used to fulfill customer orders. They typically include sender and receiver contact information that you would find on shipping labels, such as the names and addresses of the business sending the item and the customer receiving it.”
Looking at the scope and nature of the breaches, cyber industry veteran (former Check Point, Microsoft, Aqua director) Ran Nahmias, now cofounder and CBO of Cyberpion, tells Digital Journal that an attack on one institution can have significant implications for related businesses that are connected to a central source.
Nahmias explains: “Today’s supply chains include the intersection of physical, software, digital and data ‘goods and services’ which has made the information economy possible. At the same time, modern-day threat actors see an opportunity in each and every one of these elements – especially in how they are connected to each other.”
This means changes are required to address future problems, including a new mindset and a different orientation from security teams.
Here Nahmias explains: “This decade, security teams need to view this inter-connectedness as the new battlefield and think in terms of their connections to third parties as much as they think about protecting their own internal information technology.”