The Swing incident indicates the need for a mandatory cybercrime report, an expert said


Text content

Critical infrastructure providers of third-party cyber-attacks, which are declining in Canada’s Swing Airlines, are another indication that cyber security breaches should be reported to the government agency as soon as possible, an expert said.

Advertisement 2

Text content

“The lessons to be learned from this attack must be widely shared,” said David Shipley, a New Brunswick-based awareness educator.

He said Canada should follow US leadership last month when it passed a law requiring key infrastructure companies to report serious cyber security issues to the Department of Homeland Security (DHS) when they learned of a successful attack within 72 hours. By paying a 24-hour redemption fee. Reporting is still underway, so the reporting process has not yet begun.

DHS may share certain information about hazards and security vulnerabilities in these disclosures. In the meantime, publicization protects companies from prosecution.

Shipli, who is the co-chair of the Canadian Chamber of Commerce. Cyber ​​right. right now. Campaign says the problem is that private and public sector organizations need to know at least some of the indicators of agreement. [IoCs] Or tactics used by dangerous actors as quickly as possible to prevent similar attacks.

Now, you can ask if you are an important infrastructure company in Canada [federal government’s] Canadian Cyber ​​Security Center for help, and you will be happy to do so. But they can’t talk [without invitation]We are coming to help, we are entering to understand this. We are moving in to understand IOCs so that the rest of the industry can learn faster. ‘

Read Also:  Mobile money market analysis by size, share, industry growth and forecast to 2028

Notice 3

Text content

Unfortunately, victims’ advocates, risk groups or insurers said they would not allow such a statement.

He lamented the “dictatorship” of companies that acted in self-defense in the event of an accident.

“The reality is this is a community issue,” he continued. Lessons to be learned from cyber-bullying should be widely used.

“When we have a physical accident in the airline industry, the Transportation Safety Agency is investigating, and there is complete and transparent public transparency. This is the law. But we have lost that through cyberspace: we have seen this in health care in Canada, and we will only find out if violations are made public. Sometimes we get better information from vendor forensic analytics that we get from the digestive organs of the Canadian Cyber ​​Safety Center. We need to change the story. We want to report a breach of duty.

During the weekend, Sunwing had problems with the IT system to check passengers. The company staff had to wait hours for departures – if they could get out, they had to go through manual procedures. News reports say some flights have been delayed by more than 24 hours in Canada. Others are stuck trying to get inside.

On Tuesday, Swing CEO Mark Williams told CP24 News that he was responsible for a cyber attack on the airline’s choice of service provider.

Read Also:  What is the best exercise for diabetes?

“Our third-party system provider, Airline, will continue to work with the relevant authorities to resolve the issue as soon as possible,” Sunging said in a statement. “In the meantime, as we continue to operate flights manually, further flight delays may be expected and customers are advised to sign up for flight alerts on”

Notice 4

Text content

Airline Choice offers flight-related applications, including passenger and luggage check-in for passengers and staff.

Headquartered in Michigan, the company’s website states that the solutions will be used by airlines and airports around the world.

Shipley said affected companies do not need to hold press releases and provide confidential IT details under the official system. But they must report to the designated agency to explain what IT knows. He added: “While doing so, they have been given some extensive compensation and some protection.” Information with the government. The government can then assign detailed standards that are appropriate for those groups to trusted groups.

He added that some cyber security and software companies already share different levels of knowledge. “While fighting the fire, we have to get rid of this congestion. They may be thinking only of themselves, but time is of the essence if we are to save others.

One of the company’s IT providers – as seen in the Sunwing event – may be headquartered outside of Canada. This did not pose a legal challenge to the reporting of the breach of duty, Shipley asked? How can a company outside of Canada be compelled to comply with Canadian regulations?

Read Also:  America threatens major strike in freight

He said companies in key infrastructure sectors – such as finance, energy, transportation and communications – could be told that they and their suppliers must comply with Canadian law. It will be a requirement of an organization’s contract with suppliers.

The post Sunwing incident shows the need for mandatory cybercrime reporting, says expert appeared first in IT World Canada.

This unit is powered by IT World Canada. ITWC covers the organization’s IT spectrum by providing news and information to IT professionals looking to succeed in the Canadian market.

Notice 1


Postmedia is alive but committed to a public forum and encourages all readers to comment on our articles. Comments may take up to an hour for mediation to appear on the site. We ask that your comments be treated fairly and respectfully. We have enabled email notifications – if you receive a response to your comment you will now receive an email, you may have an update on the following comment line or a user who follows comments. Visit our Community Guide for more information and details on how to adjust your email settings.


Please enter your comment!
Please enter your name here