Category Archives: postmedia

Canadian cybercrime expert looks into the depths of social engineering

Christopher Kayser admits he was once suckered by a phishing lure, which is ironic considering he’s a cybersecurity consultant, researcher and author of a recent book that tries to explain why people fall for such scams.

It was supposedly an email from an airline he regularly uses, Kayser said in an interview from his Calgary home. The email featured special pricing on fares. He clicked a link. Nothing happened, but that’s because the malware was silently downloading.

“And I looked at the screen and thought, ‘You silly bugger.'”

Christopher Kayser

No serious harm was done. It did mean Kayser was one of the thousands of people around the world who have been duped since the age of the personal computer began. And it sort of makes him competent to write about social engineering.

His message to anyone with a computing device is “don’t be quick to click,” which, of course, he was that day.

“I try to tell people to slow down, think about what they’re looking at, understand that they have to be right every time they touch a keyboard, but the cybercriminal only has to be right once. And that one time can change your life if you lose your identity, your social insurance, if your bank account gets cleaned out, or if your credit gets ruined.

“So what I wanted to do is write a book that did two things: One is helping people that weren’t super-literate in how to protect themselves as best they could using technology [and] to remind people that becoming too close to technology is not necessarily a good thing. Sometimes the more advanced we get the less cautious we become, and that can be catastrophic.”

His book, Cybercrime through Social Engineering, is a 290-page distillation of cybercrime (hacker tools, ransomware, CEO scams, phishing, the phases of an attack) and how people and organizations can protect themselves (multi-factor authentication, cyber insurance, penetration testing the need to create effective cyber policies). Non-tech managers and individuals will find it a useful introduction to a vast subject and warning signs to look for.

The centre of the book is a concept Kayser and a Boston University colleague are developing called Required Elements for a Social Engineered Cyber Attack Theory (RESCAT) to explain how users of technology react to social engineering attacks.

Briefly, they believe two factors — human nature and human curiosity — determine what people will do when faced with an enticement. As many infosec pros know by now, attackers try to manipulate people through emotions including fear, urgency, greed, guilt, helpfulness and obedience. But they also believe generations play a role in decision-making. For example, Traditionalists – those born before 1945 — are cautious and less likely to click. Younger groups who are more at ease with technology and think rules don’t apply to them may be more trusting. Which is why, Kayser writes, that a “one-presentation-fits-all” approach won’t be effective.

There’s a lot of research and testing of the model to be done, Kayser acknowledges. But if it’s accurate, he says it could help develop awareness programs to help users of technology be more aware when faced with something that looks convincing.

Actually, it wasn’t that supposed airline fare offer that triggered Kayser to write a book. It was a CBC interview with a firewall vendor who said his product catches 92 to 98 per cent of cyberattacks. Asked about the rest, and the rep said it was up to the user to catch. “That just about floored me,” Kayser said, figuring it left a “staggering” number of people who could face a cyber attack.

‘People need to know’

“Think of 4 billion people around the planet who are using smartphones, computers and look at cybercrime rates, look at legislative restrictions that inhibit the ability of law enforcement to successfully detect, charge, extradite, prosecute cybercriminals. Look at the wealth, look at the Darknet. Look at the risk-reward that goes on with being a cybercriminal.

“You have, I think, the most invasive and destructive form of crime in history going on and people need to know about this. They need to know how to reduce the rate of potential cyber victimization and how to become more cyber safe and cyber-savvy to the best of their ability,” said Kayser.

A 23-year veteran of the computer industry who started as a programmer and rose to become lead manager for a software project for a major Canadian bank before switching careers to manage financial portfolios, Kayser did well enough to go into semi-retirement. Then he studied criminal justice, eventually earning a Master’s degree at Boston University in criminal justice and cybercrime.

“Social engineering is ingrained in us,” he said, meaning at a young age people learn to manipulate others for a reward: Babies cry until they get fed, children throw tantrums until they get a toy. Parents tell their teenagers, “Clean your room and we’ll go to McDonald’s.” Bill Gates, Kayser observed, once said he uses “negative motivation” to spur employees.

Gullibility and forced habit

Still, after years of (sometimes sporadic) corporate awareness training and news articles, users still fall for scams. “It’s a combination of gullibility and forced habit,” Kayser said. “There are assumptions people make.” One is IT manufacturers are doing everything possible to make sure people aren’t victims. Another is their ISP is doing absolutely everything in its power to make sure nothing resembling malware gets through. That’s part of his RESCAT theory. Many assume, “The world is looking out for me.”

Another factor is people are in a rush. Many successful cyberattacks happen on a Monday when people come into the office to face a pile of emails. Staff want to be efficient. They read too fast, there are distractions and the caution that they might exercise on other days is gone.

It would help, Kayser says, if cyber awareness was taught in early grades.

Advice for CISOs

Asked what effective corporate cyber awareness training looks like, he pointed to efforts by Canadian banks. In one institution, keyboards have been configured to have a button staff can push to alert IT if they get a suspicious email. But organizations also have to set and enforce responsible use of technology, he said, such as refusing to allow personal surfing during working hours.

And beyond training it may be necessary to make corporate directors responsible for security incidents, he added. Meanwhile, CISOs have to understand the fact that everybody’s busy, stressed, particularly today.

“Most people are trying to do the best they can within the organization, but their priority is not cyber safety and cyber awareness … So it falls upon the CISO to develop education programs and processes that can safeguard employees through automatic processes as well as supplying employee education about the real risk of potential cyber victimization.”

Training needs to be tailored to the audience, he stressed.

The post Canadian cybercrime expert looks into the depths of social engineering first appeared on IT World Canada.

AMD Radeon RX 6000 series ‘Big Navi’ graphics cards overview

AMD has launched its RX 6000 series of graphics cards based on the revised RDNA architecture.

Three new cards were launched at its virtual launch presentation on Oct. 28: the Radeon RX 6800, Radeon RX 6800 XT, and the Radeon RX 6900 XT.

Model AMD RX 6900 XT AMD RX 6800 XT AMD RX 6800
Compute units 80 72 60
Boost/Game frequency 2250MHz / 2015MHz 2250MHz / 2015MHz 2105MHz / 1815 MHz
ROPs 128 128 96
Infinity cache 128MB 128MB 128MB
Memory 16GB GDDR6 16GB GDDR6 16GB GDDR6
Ray Accelerators 80 72 60
Power connector 2 x 8 pin 2 x 8 pin 2 x 8 pin
GPU power 300W 300W 250W
Price US$999 US$649 US$579

All three cards are based on the RDNA 2 architecture, an improved version of AMD’s RDNA architecture used by the Radeon RX 5000 series graphics cards. Compared to the first iteration, RDNA 2 offers 54 per cent higher performance per watt despite being built on the same 7nm node by TSMC. At 4K resolution, AMD claims that RDNA 2 offers roughly twice the performance of RDNA.

All image source: AMD presentation slide deck.

Debuting with RDNA 2 is AMD’s new Infinity Cache, a new slice of 128MB cache memory installed on the GPU that’s accessible by all cores. AMD claims that Infinity Cache acts as a “massive bandwidth amplifier” and raises the effective memory bandwidth to 1664GB/s, 2.4 times higher than the standard GDDR6 memory onboard. For reference, the Radeon Vega VII, which used stacks of high-bandwidth memory (HBM) and a 4096-bit memory bus, achieved a memory bandwidth of 1024GB/s.

AMD doubling down on boosting memory bandwidth could be seen as a way to keep the GPU running at its peak. As Anand Tech explained in its Nvidia Turing architecture deep dive, memory bandwidth does not improve at the same pace as semiconductor density. This was one of the reasons AMD opted to use the expensive HBM2 memory for its Vega VII graphics card.

Now back to the design at hand. With the first RDNA cards, AMD nearly doubled their graphics memory bandwidth (compared to its older Graphics Core Next cards) by using a wider 384-bit memory bus and the faster GDDR6X memory. But with RDNA 2, AMD reverted to using a narrower 256-bit wide bus and the slower GDDR6 memory. Therefore, AMD is likely banking on Infinity Cache to alleviate any bottleneck that could hamper the performance of its new Ray Accelerator, a new dedicated ray trace unit added to the RDNA 2’s compute unit.

AMD Radeon RX 6800 XT breakdown. Image source: AMD website

Smart Access Memory is another memory enhancement that can increase performance. The caveat is that it can only be enabled by pairing an RX 6000 series graphics card with an AMD Ryzen 5000 series processor. Once enabled, the processor would have “full access” to the GPU memory. AMD said that when combined with the new Rage Mode one-click overclocking feature, gamers could squeeze out an extra two to 13 percent performance for free. During the presentation, AMD only mentioned Smart Access Memory with the 500 series chipset motherboards. It’s not clear whether the 400 series chipset motherboards would receive it as well.

During the presentation, AMD CEO Lisa Su said that a super-resolution feature is in the works to “give gamers an option for more performance when using ray tracing.” Su did not announce when it will be available.

The RX 6000 series graphics cards bring support for Microsoft’s DirectX 12 graphics API. It aims to increase visual fidelity and processing efficiency through four key technologies:

  • DirectX Raytracing: an advanced ray-tracing technique that produces more realistic lighting and shadows.
  • Variable rate shading: renders different parts of an image at different detail levels.
  • Mesh shaders: A new shader pipeline design that makes shaders more flexible and efficient.
  • Sampler feedback: A feature that better predicts what graphical resources should be loaded next.

By improving power efficiency using holistic design optimizations, AMD was able to limit the total board power of its RX 6000 series graphics cards to 300W. According to the presentation slides, AMD targeted a 650W power supply to be the baseline power requirement. That may be enough to run the RX 6800, but AMD recommends a 750W unit of the RX 6800XT and 850W for the RX 6900 XT.

AMD said its RDNA 3 architecture is on track.

For the most part, AMD’s carefully-crafted presentation strongly alludes that the Radeon RX 6000 series will deliver better value than its green competitor. For graphics cards, value isn’t a simple conversation of pricing; performance at the targeted resolution still plays into the equation.

First up is the Radeon RX 6800, the most affordable option at US$579. AMD compared the Radeon RX 6800 to the Nvidia RTX 2080 Ti, Nvidia’s former flagship card built using the Nvidia Turing architecture. AMD’s presentation slides showed a convincing victory for the RX 6800 at 1440p and a solid lead at 4K. Based on preliminary reviews by various outlets, the RTX 2080 Ti roughly equates to the performance of the Nvidia GeForce RTX 3070 launching on Oct. 29, so AMD’s victory here could very well translate to a win against Nvidia’s midrange contender. Do note, however, that the RTX 3070 is US$79 cheaper and only comes with 8GB of memory.

Next up is the Radeon RX 6800 XT at $649, which squared off against Nvidia’s current-gen GeForce RTX 3080 graphics card. Not only did it show some seriously competitive numbers against Nvidia’s product, but it did so at a lower power profile (which AMD poignantly noted by enclosing it in bold brackets). It also undercuts Nvidia’s card by $50, increasing the value proposition ever so slightly.

Saving the best for last, AMD pitted its top-shelf Radeon RX 6900XT against Nvidia’s flagship GeForce RTX 3090 graphics card. With both the Rage mode overclocking and Smart Access Memory enabled, the RX 6900 XT traded blows against Nvidia’s best at 4K resolution. But at $999, the RX 6900 XT significantly undercuts the RTX 3090 Founders Edition by $499.

The Radeon RX 6800 and Radeon RX 6800 XT will be available globally on Nov. 18. The Radeon RX 6900 will be available on Dec. 8. AMD has promised that it would take every measure it can to prevent scalper bots from instantly draining inventory at launch–a nightmare scenario that struck Nvidia when it launched its GeForce RTX 3000 series graphics cards.

The post AMD Radeon RX 6000 series 'Big Navi' graphics cards overview first appeared on IT World Canada.

MISA Ontario 2020: Raise cyber awareness by targeted training, expert says

With human error being a leading cause of data breaches, organizations are putting more emphasis than ever on security awareness training.

But Canadian municipal infosec leaders were warned Tuesday that scaring employees into obedience won’t work.

In fact, argued James Norrie, CEO of CyberconIQ, a Pennsylvania-based threat awareness learning platform, CISOs need to understand human nature and the things that trigger the seemingly irresistible urge to click on a link or open that attachment.

“You have to make it OK to be vulnerable around cybersecurity in your organization,” he told the annual security conference of the Ontario wing of the Municipal Information Systems Association (MISA), being held this year online.

“To do that, you don’t want to sling fear and the fear of consequences,” he said in the keynote address. Phishing tests aim to catch people doing something wrong, he argued, which doesn’t help the mindset of staff. “So instead of reporting failure rates, report pass rates and talk about how you’re going to use this (training) to bolster people’s understanding of cybersecurity as a team sport.”

Most organizations have technology that will catch up to 92 per cent of cyber threats, he said. Of the remaining eight per cent or so, no amount of technology will improve that. But if employees can be taught to not execute on the attack, “then you can’t be compromised.”

Norrie, who also teaches cybersecurity at York College in Pennsylvania, argues awareness training has to be customized to employees rather than be generic. People can be broken down into four types, he said:

  • “Risk Breakers,” who are happy following rules. But that makes them vulnerable to what Norrie called “deep fake” attacks seemingly from someone in authority who asks them to break the rules, like change the bank account money is sent to. Fortunately, because much of generic awareness training involves following a set of rules, they are the easiest group to train. Broadly they represent 38 to 40 per cent of employees;
  • “Risk-Takers,” who represent 12 to 15 per cent of employees, want to comply with company rules but are more risk-tolerant and will make selective exceptions to rules. They may be vulnerable to cons involving fake “emergency or urgency” pleas;
  • “Risk Shakers,” who like the freedom of choosing when to break the rules;
  • “Risk Makers,” who trust their judgment, so rule-based training doesn’t work as well for them. They are likely to be fooled by what Norrie called “affiliated attacks,” such as from fake people on LinkedIn.

An effective awareness program will be tailored to offer specific training to these groups explaining why they are vulnerable to certain threats, Norrie said, by showing the context of a vulnerability. What it doesn’t involve, he stressed, is knowledge about technology.

 

Related:

Tips to improve awareness training

 

Infosec pros enjoy the challenges of technology because it’s largely controllable, predictable and outcomes can be predicted, he said. However, he added, they need to understand human factors are much less predictable.

The COVID pandemic and the increase in staff working from home has made this work, Norrie argued. When working in the office staff may be more cyber-aware than when working from home, with all its distractions.

“The entire public sector needs to be aware that everything they do has to reduce the probability of a successful cyberattack, reduce the total cost of a successful attack when it occurs” including everything from having cyber-secure policies and an incident response plan to cyber insurance. The goal is to build a cyber aware culture. “We have to make good cyber behaviour as natural as ‘Look both ways before we cross the street.'”

But CISOs “have to stop slinging fear,” Norrie maintained.

The post MISA Ontario 2020: Raise cyber awareness by targeted training, expert says first appeared on IT World Canada.

What is Wi-Fi sense and what can it do?

Wireless networks are typically associated with internet access in corporate networks or entertainment services like Netflix. Yet, WiFi’s application extends far beyond just streaming data to electronics. Now that a common household owns about 10 smart devices on average, it has set up WiFi sense to take the stage.

WiFi sense is a type of short-range passive radar technology, and it’s surprisingly accurate. It can easily pick up an object’s movement from room to room and zero in on gestures for activity classification. For large events, a sensor could be placed at the entrance to count visitors. Hospitals and elderly care facilities can use WiFi sensors to monitor patient movement and biometric data like heartbeats, breathing, and limb movements.

Simply put, WiFi sense measures how WiFi signals interact with movement. By pinging the environment, WiFi sense systems can easily track locations and movement based on how the signals are reflected and deflected.

WiFi sense systems communicate in either infrastructure mode or ad-hoc mode. In ad-hoc mode, each node in the sensing system communicates with a central access point (AP). In infrastructure mode, each of the nodes communicates with one another directly.

Two examples of WiFI sense configuration in a common household. Image source: Wireless Broadband Alliance

Topologies aside, WiFi sense can be active or passive. An active system sends a WiFi packet dedicated to sensing purposes. Conversely, a passive WiFi sense system appends WiFi sense data to existing WiFi traffic.

Since a passive system doesn’t send extra packets, it requires minimal processing overhead. Although active systems need higher computational power, it also has greater control over the transmission rate, bandwidth, beamforming and other environmental measurements.

Preliminary testing shows that WiFi sense performance is correlated to channel bandwidth. The larger the bandwidth, the higher the resolution. Channel bandwidth in the 2.4GHz spectrum is 20MHz, 5GHz is 160MHz, and 60GHz is 2GHz.

Benefits

Motion sensing can be achieved using infrared and radar sensors. Patient monitoring can be driven by cameras plus AI, and smartphones can already detect gestures by amalgamating a time of flight sensor (ToF) with a standard camera. These existing solutions naturally beg the question: where does WiFi sense fit in all this?

The answer is clear cut; WiFi sense has an advantage over existing solutions in that for most applications, it does not need any extra hardware. Active radar systems require dedicated antennas and transceivers that are complex and costly. On the other hand, WiFi sense uses existing devices like cell phones, PCs, and mesh WiFi systems. The user would only need to install the required software to transform their setup into a WiFi sense.

“There are about 15 billion WiFi clients devices out there,” said Taj Manku, CEO of Cognitive Systems. “With this [WiFi sense], you can now enable all these devices, which are never meant to be motion sensors, to now be motion sensors. And that can then provide the user with other capabilities going forward, whether that’s home monitoring…or IoT integration for smart homes. You are doing this simply by software.”

WiFi also penetrates through walls, enabling out of line-of-sight (LOS) operations, an important consideration for security monitoring applications. And because it doesn’t rely on image data, it retains a degree of privacy.

WiFi sense is not only useful in detecting home intrusion but can also alert the operator when someone has returned from work or have woken up. Image source: Wireless Broadband Alliance

 

For home applications, WiFi sense can be installed on virtually any WiFi device. Manku noted that the terms of motion sense, service quality doesn’t degrade much with the quality of the device.

“A lot of the very cheap devices, like the smart plugs, for example, they are just as good as a complicated device like an Alexa or Google Home,” said Manku.

Still, Manku noted that the software solution would evaluate every device to see if it has the necessary performance, but the baseline requirement is very low.

Challenges

While the idea is promising, WiFi sense isn’t without challenges. WiFi signals, like any wireless transmission, are vulnerable to interference that decreases their accuracy. And if the WiFi equipment acting as sensors come under heavy traffic, the depleted resources could reduce service quality.

Coverage and signal strength is another consideration for out of LOS applications. As previously mentioned, WiFi sense works best with high-frequency, high-bandwidth transmission. But high frequencies have trouble penetrating walls. Thus, solution designers need to balance bandwidth and accuracy, rely on more sense nodes, or consider the sensor’s proximity to the target.

In enterprise scenarios like healthcare, the high resolution demands set more stringent hardware requirements. In addition to frequency and bandwidth criteria, the devices need higher processing power for active systems with large performance overheads.

Because the WiFi standard was developed with interoperability and backwards compatibility in mind, it makes it easier to layer extra functionalities on top. With that said, WiFi equipment manufacturers need to enable lower-level access and chipset firmware access to control data flow. Similarly, the operating system may also need lower-level access to network gear to allow a standardized application interaction.

“The first hurdle is that you have to be able to work with the WiFi chipset vendors,” Manku weighed in. “And there are many different chipset vendors: there’s Qualcomm, there’s Broadcom, there’s a bunch of them. When you start, you may start working with one, but then eventually, you have to start working with all of them.”

Manku said that Cognitive Systems is working with 17 chipset vendors today.

Equally important is how these solutions are tested and verified. Manku commented that while Cognitive Systems has its own testing facilities, other manufacturers may not have the same luxury. Thus, independent third-parties need to have a standardized testing method, and the industry needs a strong push to establish them.

When will it arrive?

Although WiFi sense is just beginning to gain traction, solutions built around it are already here. Cognitive Systems already have both software and hardware products that help capture motion sensing. It hopes to work with major internet service providers in Canada to help to differentiate their service packages.

Another example comes from the School of Electrical Engineering & Computer Science (SEECS) at the National University of Sciences & Technology in Islamabad, Pakistan. The study, titled Wireless Health Monitoring using Passive WiFi Sensing published in 2017, explored the potential of using WiFi sense to track tremors, falls, and breathing rates of the elderly. The study concluded that the system, developed by the university, had an 87 per cent accuracy in measuring breathing rate, 98 per cent accuracy in detecting falls, and 93 per cent accuracy in classifying tremor. Moreover, the study argued that the WiFi sense solution is low cost and is far less “cumbersome or even demeaning” than wearing monitoring bracelets, which is even more challenging for dementia patients.

The post What is Wi-Fi sense and what can it do? first appeared on IT World Canada.

Ontario open data portal tracking COVID sees traffic spike in October as second wave looms

A website built by volunteers monitoring Ontario’s response to COVID-19 has been the go-to source for thousands of healthcare professionals keeping a vigilant eye on the pandemic’s spread for the past six months, and according to one of its creators, it’s seen a significant spike in traffic this month as a second wave pushes through the province.

During the week of Oct. 6, more than 1,000 users were accessing the website, says Dr. Ben Fine, a physician-scientist with Trillium Health Partners, lining up with the disturbingly steady rise in daily cases since the start of October. More than 150 people have volunteered since April to work on howsmyflattening.ca, a site that visualizes the too-many sources of data feeding us information about the pandemic in Ontario and beyond. These volunteers come from the Trillium Health Partners, University of Toronto, and beyond. The problem hasn’t been a lack of information for healthcare professionals to monitor and learn from over the past six months, says Dr. Fine – it was the opposite. 

“We saw places like Italy, with a more robust healthcare system, become overwhelmed,” he told IT World Canada. “In Canada, the province is putting out its own data, and so is everyone else. But these are all disparate data sources, so what we’re doing is compiling all of that disparate data and putting all of it in one place with Red Hat’s help.”

Bringing in a technology partner was necessary with a project as complicated as this, Dr. Fine stated. There’s too much to sort through and not enough time for people to do it manually, especially as the pandemic enters a second wave. Howsmyflattening.ca relies on more than a dozen data sets.

The software giant and its cherished OpenShift platform came in early thanks to a tip from IBM, explains Claude Reeves, country manager for Canada at Red Hat. He and his team jumped in to help Dr. Fine and UoT’s Dr. Laura Rosella, director of the Population Health Analytics Lab, lay the foundation for the open data portal. The project would continue to flourish thanks to members of the university’s computer science department and a host of other volunteers teaming up on the howsmyflattening.ca’s GitLab repository.

The website itself is described as a ‘virtual war room’ gathering information about COVID-19 for Ontario decision-makers, healthcare professionals, researchers, and residents. It hit the “sweet spot” for Red Hat, says Reeves, who quickly fell in love with the project itself and Dr. Fine’s desire to build howsmyflattening.ca through a community-driven approach.

“We got some folks at Red Hat who know how to build a community,” he added.

Within days, Red Hat made OpenShift available to project volunteers, and within two to three weeks, everyone was peeling through data and posting it to the website. A month later, Reeves says members began performing deeper analytics on the collected data and building visuals for the website to help present them. More recently, the data has helped visualize how the risk of transmission of COVID from younger age groups into older age groups is high.

Getting involved was a “no-brainer,” concluded Reeves.

Dr. Fine says once he and his team had the right tools, it became an “all-consuming” task to maintain the website’s back-end and automate the process of scraping the web for the latest data. Even with the project ultimately inspiring the province to stop deleting the previous day’s information on the number of new cases from its website – a practice the province was performing back in March and April – there’s been little movement to try and combine forces and help inform the province’s response to the pandemic.

“We’d be happy to engage,” he said.

The project is also intended to convey the importance of flattening the epidemiological curve. Ontario is currently experiencing a second wave of COVID-19 infections. On Oct. 26, the province reported 851 new cases. It experienced a disturbingly rapid increase of daily infections during October, exceeding even the highest number of daily infections recorded back in March. This coincided with a massive spike in traffic on the website early in October, says Dr. Fine.

“A lot of amazing people came together, students and professionals, all of whom had better things to do, and dedicated their time and effort to make this happen,” he said.

The post Ontario open data portal tracking COVID sees traffic spike in October as second wave looms first appeared on IT World Canada.

Canadian steelmaker Stelco hit by cyberattack

One of Canada’s oldest steel manufacturing firms says it has been hit with an undefined cyberattack.

In a statement released Sunday afternoon, Stelco said it was “subject to a criminal attack on its information systems.”

“In response, Stelco immediately implemented countermeasures in accordance with established cybersecurity procedures and policies that have been developed in collaboration with expert external advisors,” the statement reads. “The countermeasures taken were effective and limited the scope of the attack. Certain operations, including steel production, were temporarily suspended as a precautionary measure but have since resumed operations.”

The release also said Stelco is working with police to investigate the attack.

Stelco has facilities located in Hamilton and Nanticoke, Ont. that produce high-quality value-added hot rolled, cold rolled and coated sheet steel products used in the construction, automotive and energy industries across North America. Its parent company, Stelco Holdings Inc. is listed on the Toronto Stock Exchange.

Asked for comment, vice-president of corporate affairs Trevor Harris said the company had nothing more to say beyond what was in the release.

The statement said that Stelco continues to investigate the incident and the extent of the impact on its systems. Its backup and recovery plans were being implemented Sunday to fully re-establish its systems as quickly as possible. However, it added, some business functions may be adversely affected during this recovery process.

In its annual results released Feb. 18, the parent company Stelco Holdings Inc. said for the calendar year 2019 net earnings were $10 million on $1.8 billion of revenue, compared to net earnings of $253 million for 2018. During the year it shipped 2.4 million tons of steel products compared to 2.6 million tons for 2018.

The company suffered a net loss of $24 million on revenue of $435 million in the fourth quarter of 2019, in part due to what it called “an unprecedented drop” in average steel prices. In the first quarter of this year it lost another $24 million, while net income was zero in the second quarter.

The post Canadian steelmaker Stelco hit by cyberattack first appeared on IT World Canada.

Workflow management apps, like Montreal’s Unito, see spike in new signups

COVID-19 has disrupted workflows and processes that are helping run organizations worldwide, and enterprises are turning to SaaS apps like Unito to create clarity out of the chaos.

“A lot of people working remotely have come to realize just how much their workflows relied on spontaneous or in-person conversations. As companies shifted remote because of COVID-19, they lost the desk-side chats, the lunchtime conversations, and the impromptu check-in meetings and then their workflows fell to pieces,” said Marc Boscher, chief executive officer of the Montreal-based workflow management solutions provider company Unito, in an interview with IT World Canada. “Once these gaps became obvious, people began working to address them. In a lot of cases, this meant filling the holes with Zoom calls, but many forward-thinking companies sought out solutions that would allow them to optimize their workflows for asynchronous work and remote work. And that’s where a lot of businesses, especially larger companies, turn to us.”

In the months after the pandemic began, Unito saw a 74 per cent increase in signups among users from companies with at least 10,000 employees.

“That’s because these big companies use a ton of tools and have extremely complex workflows. We help them adapt their workflows by connecting the tools required to complete them, accelerating their transition to remote work,” explained Boscher. 

There are many ways in which workflow management factors into the new psychology of the workplace. It helps align processes, work styles, goals, terminology, and people. It creates psychological safety by removing many of the stressors associated with “the new workplace,” he said. 

“Workflow management smooths out the hardest kind of collaboration in the workplace: cross-functional collaboration. Imagine I told you I’m assembling a project team who barely know each other, have different educations and skills, use different terminology to describe the same thing, are used to different processes, work styles and goals, and use completely different tools. What would you say are the chances they’ll collaborate smoothly, much less deliver the project successfully? Those are the conditions of collaboration when you cross the usual organizational structure. It’s really hard, but it’s also really important,” Boscher explained during an interview. 

A recent IBM study of global C-suite executives titled “COVID-19 and the Future of Businessindicates global executives are prioritizing more intelligent, secure and responsive workflows that are developed using a combination of technologies such as automation, AI and cybersecurity. 

Over the next two years, the study finds prioritization of AI technology will increase by 20 percentage points. Sixty per cent of executives surveyed have accelerated process automation, and many will apply more automation across all business functions, and 76 per cent of executives surveyed plan to prioritize cybersecurity. The study includes input from more than 3,800 C-suite executives in 20 countries and 22 industries. 

The majority of businesses are trying to make their remote work environment similar to their in-office environment. That’s a natural reaction — they are trying to recreate what they knew, what was comfortable, but Boscher says he thinks remote work requires a different approach. Psychologist Kristen Shockley said, “Companies should never just implement telecommuting without changing anything else. They also need to shift their culture and norms to support the new arrangement.” 

Founded in 2015, Unito was created to integrate disparate SaaS applications. “We could transmit data from one tool to another, replicate changes from one tool to another back and forth. It was also very focused on collaboration between teams, for example – the marketing teams working out of Trello or Asana or engineering teams working with tools like JIRA or GitHub,” explained Boscher. “But we discovered along the way that the problem was much more widespread and people, business users in particular, were trying to find a way to organize and visualize the way work was happening in the organization, and then optimize it.”

Using two-way integrations between tools including Trello, Asana, monday.com, Jira, Wrike, ClickUp, GitHub, GitLab, Bitbucket, Teamwork, Basecamp, Zendesk, and HubSpot, developers use the tools they want while offering managers greater visibility into and control over their work.

The company recently launched its new workflow management offering, which Boscher says is a visual way to discover where the work is happening in a team or an organization and in which tool it is happening, understand who’s working with who, and give the team of the organization the ability to automate some of that process workflow and accelerate it through integration.

Unito’s personal plans start at $10 per month for five active users and top out at $20 for 10 users. Companies with 40 to 150 active users will have to pay $250 per month up to $770, respectively. Unito has a 4.5 star rating on Gartner’s GetApp.com, an app discovery platform that compares SaaS products. Some of its bigger competitors in the workflow management arena include Boomi and HubSpot’s PieSync.

The post Workflow management apps, like Montreal's Unito, see spike in new signups first appeared on IT World Canada.

SecTor 2020: The blonde, the smile, and the hack

An attractive blonde follows a man onto an office elevator. “Nice to see you again,” she says to him.

He pauses. She must be right, he figures, so he smiles back. Then she compliments him on his scent.

The elevator arrives at his floor, which is security controlled. He inserts his access card into a slot in the elevator panel, and when the doors open, he turns to the woman and says, “Ladies first.”

The blonde is Paula Januszkiewicz, CEO of Cqure Inc., a Polish-based penetration testing and auditing company, who has just accomplished the first part of her assignment: Get unauthorized access to a customer’s office.

It’s lunchtime at the office she just entered. Staff are leaving their desks. Company policy is employees should make sure PCs are logged off the network before leaving computers unattended to prevent what is about to happen. Even if they forget, machines are configured to log off after five minutes. One staffer leaves his computer on. Januszkiewicz sits at his desk. She yawns or coughs, enough so other staff see a stranger sitting at someone’s desk. No one comes over to ask who she is.

So Januszkiewicz is free to insert a specially created USB key and hacks into the system.

The lesson

There’s a lesson from this incident, Januszkiewicz told the SecTor 2020 virtual conference on Wednesday: If an attacker does things with confidence, they may get through anything from physical security to anti-phishing filters.

As the keynote speaker for this year’s conference, Januszkiewicz emphasized the importance of understanding how cyber attackers your infrastructure: As an object to be manipulated by knowing human behaviour.

Behaviour like being lazy in picking passwords. On assignment to penetrate an energy company Januszkiewicz found no problem guessing some employee passwords. She assumed at least one person would use the firm’s name and just add “2020.” She was right. Twenty-nine of 6,000 employees had that password.

Bad behaviours

Other bad user behaviours hackers take advantage of include:

  • Falling for dropped USB scams. One study showed 90 per cent of people who find USB drives with a company logo in a parking lot will plug it into a company computer to find out who it belongs to. In fact, 60 per cent will do it even if there is no logo. Infected USB devices could run unapproved code. One solution is a whitelisting policy that prevents unapproved code from executing;
  • Falling for phishing and clicking on infected attachments. There’s no shortage of examples, but Januszkiewicz spoke of a new one: A seemingly empty Excel spreadsheet with an infected picture hiding behind an empty cell. If an employee clicks on a cell trying to see if the spreadsheet has hidden information, the malware executes. One solution is strict access management to prevent admin accounts from being taken over by malware;
  • Hacking lost smartphones. Seventy per cent of smartphone owners don’t password-protect their devices, one study shows. One solution: A strict company policy of reporting the loss of company or personal devices that access corporate data;
  • Careless use of public Wi-Fi with devices that access corporate data—one solution: Better user awareness training.

Thinking like a hacker, Januszkiewicz said, will allow organizations to design successful cybersecurity strategies.

The post SecTor 2020: The blonde, the smile, and the hack first appeared on IT World Canada.

Google Cloud awarded Framework Agreement for Secure Cloud Services by Canadian government

While all eyes are on the U.S. Justice Department this week as it launched an antitrust lawsuit against Google, Google Cloud quietly announced its latest step in strengthening its relationship with Canada.

Today, the federal government awarded Google Cloud with a Framework Agreement for Secure Cloud, giving Google the green light to sell its cloud platform and collaboration technologies to federal agencies.

“We want to work with, and better support a wide range of federal departments, agencies, and crown corporations,” Mike Daniels, vice-president of global public sector for Google Cloud told IT World Canada, pointing out how a framework agreement like this allows them to support programs that require high levels of data protection for government workloads. “This new agreement reflects our continued investment and support for customers in the Canadian public sector, including the announcement of our second data center region in Toronto. It is another example of momentum we’re seeing as government agencies move to the cloud.” 

Also:

 

Despite some recent pitfalls – like the collapse of the Sidewalk Labs smart city project – Google has strong relationships with public sector agencies across the country. More recently, it announced its intentions to open up new offices in Toronto, Montreal and Waterloo in the coming years. That’s on top of the new Google Cloud Region in Montreal with three availability zones. A spokesperson for Google confirmed the tech giant is also planning another cloud region with three availability zones for Toronto. 

The Canadian public sector is viewed by most technology vendors as a cautious client when it comes to cloud adoption. Still, Daniels says there’s no doubt that Canada’s public agencies are becoming cloud friendly. That’s also evident in Canada’s public sector’s investments in competing cloud providers, such as Microsoft Azure and Amazon Web Services.

Daniels says Google Anthos, which allows IT admins to manage modern hybrid applications on existing on-premises investments or in the public cloud, has gotten the attention of clients hesitant to take the full leap into the cloud. The COVID-19 pandemic has changed priorities for businesses and governments globally, and Google is heavily involved in many of those boardroom discussions. The Canadian market is no different, he says.

“It’s [COVID-19] changed a number of things, allowing the government to rethink itself. We’re looking forward to being part of those discussions as a partner,” Daniels said.

Daniels wasn’t able to list all of the different government customers Google works with, but he did confirm that the Upper Grand District School Board in Guelph is one of its bigger public sector clients in Ontario. Canadian customers in the private sector include Loblaws, Scotiabank, ATB Financial and Celestica. CBC has also been a long-time user of collaboration services like Workspace (now known as G Suite). A spokesperson for Google also said that CBC was an early adopter of Google’s Kubernetes products such as Google Kubernetes Engine.

When it comes to the antitrust lawsuit south of the border – which Google scoffed at in a recent blog post penned by Kent Walker, senior vice-president of Global Affairs – Daniels could not comment on what impact, if any, those discussions could have on the framework agreement. Meanwhile, in Canada, Google faced a class-action lawsuit earlier last month, filed on behalf of the millions of Canadians whose personal information was allegedly collected without consent by the company. That was followed by a new class-action lawsuit claiming privacy violations of Android users in British Columbia, Ontario and Quebec.

 

The post Google Cloud awarded Framework Agreement for Secure Cloud Services by Canadian government first appeared on IT World Canada.

Dell Technologies World 2020: Executive keynotes focus on 5G and living on the edge with edge computing

Like most other vendors this year, Dell Technologies has, after delaying for a few months in hopes that the COVID-19 situation would abate, resorted to turning its flagship conference, Dell Technologies World, into a virtual event. This week’s two-day event features a mix of live and pre-recorded sessions, as well as lively music performances, games – and puppies! (Seriously, there’s a puppy cam).

Dell Technologies chairman and chief executive officer Michael Dell kicked things off saying, “Technology has never been more central than it is now.” Digital transformation is like a machine with data as its fuel, he noted, and 5G is the digital fabric that lets us extend the cloud to the digital edge.

With that in mind, he announced the expansion of the Dell Technologies Cloud and introduced Project APEX, Dell’s initiative to offer all of its products and services in an as-a-service (aaS) model to give customers a choice in how they consume them. But he also highlighted the need for empathy; adding technology alone is never the answer to our problems.

“While we talk about the digital transformation, my hope is that we are also seeing a human transformation with more kindness, generosity, and empathy. We’ve needed all of that because in the last eight months, we’ve also revealed hard truths, some hard to watch, and hard to live through, as the fault lines of our society are laid bare, in access to healthcare, to education, to opportunity, and to justice. And we are going to need all of that kindness and generosity and empathy going forward to help bridge these divides and make good on the promise of a brighter future.”

Vice-chairman and chief operating officer Jeff Clarke makes an appearance during Dell Technologies 2020.

By 2023, noted vice-chairman and chief operating officer Jeff Clarke, according to IDC 52 per cent of the global GDP will be digital, and three-quarters of enterprise generated data with be created outside the traditional datacentre by 2025.

“This is the ultimate disaggregation of data moving at high speed further away from traditional core data centres, requiring hybrid cloud architectures that enable data visibility and management at the edge,” he said. “And 5G is more than the next-generation cellular network. It’s the digital fabric of the data era and extends the cloud operating model to the edge and forces a modernization of proprietary mobile networks.”

In fact, VMware CEO Pat Gelsinger told Clarke during the keynote, “I think enterprise 5G will displace Wi-Fi globally.”

Global chief technology officer John Roese then expanded on the theme.

“Your organization’s competitive advantage is directly determined by how rapidly you turn data into meaningful insights that influence your organization’s outcomes,” he said. “For digital leaders, data is the foundation that enables you to be a true intelligent business to be able to deliver personalized customer experiences, smarter products, and winning business models.”

He enumerated Dell’s six strategic technologies: hybrid cloud, edge, 5G, security, artificial intelligence and machine learning, and data management, noting, “While organizations are tackling these areas in bits and pieces, they’re actually best and most powerful when they work together.”

But, he added the future he’s outlining “must be built and operated by real people.”

“In 2020, we got a glimpse of the future with digital transformation accelerating our businesses and our homes, work from anywhere, telemedicine, and virtual learning are shaping new behaviours worldwide, with technology at the core of it all,” Dell added. “But even more important than the technology that fuels our future is our collective humanity.”

The post Dell Technologies World 2020: Executive keynotes focus on 5G and living on the edge with edge computing first appeared on IT World Canada.

SK Hynix acquires Intel NAND flash memory division for $9 billion

South Korean semiconductor company SK Hynix is acquiring Intel’s NAND flash memory division for US$9 billion.

The acquisition, announced on Oct. 20, will see SK Hynix absorb Intel’s NAND SSD-associated IP and employees, as well as Intel’s NAND fab in Dalian, China. Although the purchase would undoubtedly expand SK Hynix’s NAND storage portfolio, SK Hynix will also gain Intel’s current customer base.

“I am proud of the NAND memory business we have built and believe this combination with SK Hynix will grow the memory ecosystem for the benefit of customers, partners and employees,” said Bob Swan, CEO of Intel, in a press release. “For Intel, this transaction will allow us to further prioritize our investments in differentiated technology where we can play a bigger role in the success of our customers and deliver attractive returns to our stockholders.”

The SK Hynix press release also explained that Intel intends to focus on AI, 5G, but the move to sell its NAND production can be seen as a move to focus on its core products like processors. With that said, Intel will retain its Optane 3D XPoint storage-class memory technology and stay in the storage business. 

Intel’s Non-Volatile Memory Solutions Group (NSG) has fallen on hard times. In Intel’s Q1 2019 earnings call, Swan noted that its memory business fell 12 per cent due to NAND’s pricing pressures, low demand, and deteriorating average sale price.

“We got to generate more attractive returns on the NAND side of the business,” Swan said in the call. “And the team is very focused on making that a reality. And to the extent there is a partnership out there that’s going to increase the likelihood and/or accelerate the pace, we’re going to evaluate those partnerships along the way so it can be enhancing to the returns of what we do in the memory space.”

SK Hynix will receive an initial US$7 billion payment. The remaining US$2 billion will be paid upon the final closing in March 2025. Intel will retain all IPs related to the manufacturing and design of NAND flash wafers until the final closing.

A trip down the memory lane

Intel first partnered with Micron Technologies in 2006 to produce solid-state drives under Intel Micron Flash Technologies (IMFT) banner. As part of their partnership, Intel purchased Micron’s NAND at cost. Products from their partnership included SSDs for both enterprises and consumers.

In 2015, Intel and Micro created 3D XPoint flash storage-class memory,  a non-volatile memory that was much faster and durable than traditional NAND flash storage. The technology was sold under the Optane and QuantX SSD brands. In the same year, Intel announced that it would build its own NAND fabrication plants in Dalian, digressing from Micron’s NAND division. The pair continued to collaborate on 3D XPoint. 

Intel and Micron eventually ended their 3D XPoint partnership in July 2018. Soon after, Micron expressed interest in purchasing Intel’s final IM Flash fab in Utah to produce 3D XPoint chips in October 2018. The deal closed in late 2019. As a part of the deal, Micron had promised to sell 3D XPoint chips to Intel while it figures out a transition plan.

There could be a good reason why Intel didn’t turn its Dalian 3D NAND fab into a 3D XPoint fab. In a comment to Blocks & Files, analyst Jim Handly said Intel’s 3D XPoint is very unprofitable to produce. He estimated that Intel lost $2 billion on 3D XPoint in 2017 and 2018, and $1.5 billion in 2019. That’s unsurprising, however, as 3D XPoint memory production is nowhere near as mature as 3D NAND.

Given Micron and Intel’s extensive history, Micron’s seeming disinterest in Intel’s NAND business came as a surprise.

Intel and Micron were not immediately available for comment.

The post SK Hynix acquires Intel NAND flash memory division for billion first appeared on IT World Canada.

Twitter slammed by U.S. regulator over bitcoin scam

A New York state regulator has slammed Twitter for poor cybersecurity protection that allowed young hackers to seize control of several celebrities’ accounts in July to run a  “double your bitcoin” scam.

“Given that Twitter is a publicly-traded, US$37 billion technology company, it was surprising how easily the hackers were able to penetrate Twitter’s network and gain access to internal tools allowing them to take over any Twitter user’s account,” said the report by the Department of Financial Services.

“Indeed, the hackers used basic techniques more akin to those of a traditional scam artist: phone calls where they pretended to be from Twitter’s Information Technology department. The extraordinary access the Hackers obtained with this simple technique underscores Twitter’s cybersecurity vulnerability and the potential for devastating consequences. Notably, the Twitter Hack did not involve any of the high-tech or sophisticated techniques often used in cyberattacks–no malware, no exploits, and no backdoors.”

In particular, it slammed the company for not having a CISO for seven months before the attack. “A lack of a CISO sends the message that cybersecurity is not a top priority from senior leadership,” says the report.

The hackers — who are facing criminal charges — took over the Twitter accounts of politicians, celebrities, and entrepreneurs, including Barack Obama, Kim Kardashian West, Jeff Bezos, and Elon Musk, as well as Twitter accounts of several cryptocurrency companies regulated by the New York State Department of Financial Services.

What worries the regulator is there are well-documented examples of social media being used to manipulate markets and interfere with elections, often with the simple use of a single compromised account or a group of fake accounts.

“The Twitter Hack demonstrates the need for strong cybersecurity to curb the potential weaponization of major social media companies. But our public institutions have not caught up to the new challenges posed by social media. While policymakers focus on antitrust and content moderation problems with large social media companies, their cybersecurity is also critical. In other industries that are deemed critical infrastructure, such as telecommunications, utilities, and finance, we have established regulators and regulations to ensure that the public interest is protected. With respect to cybersecurity, that is what is needed for large, systemically important social media companies.”

Related:

Twitter attack shows need to better protect admin accounts [Full story]

 

The attack started on the afternoon of July 14 when one or more hackers called several Twitter employees and claimed to be from the company’s help desk responding to a reported problem the staffer was having with Twitter’s virtual private network. Since switching to remote working, VPN problems were common at Twitter. The hackers then tried to direct the employee to a phishing website that looked identical to the real Twitter VPN website and was hosted by a similarly named domain. As the employee entered their credentials into the phishing website, they would simultaneously enter the information into the real Twitter website.

For protection, Twitter strengthens logins by making employees use multi-factor authentication. However, because the hackers were logging into the real site, if a staffer entered their MFA code on the fake site, the attackers could copy it into the real site.

To aid the attack, the hackers used personal information about the employees to convince them that the callers were real Twitter staff and could, therefore, be trusted. The report doesn’t say how the attackers got this information other than speculating it did research to identify staffers and their titles.

Some were suspicious

While some employees were suspicious and reported the calls to Twitter’s internal fraud monitoring team, at least one employee fell for the scam. Getting into this person’s corporate account didn’t get the attackers what they wanted, which was the ability to take over celebrity Twitter accounts. They took the time to wander around Twitter’s internal websites and learn more about the company’s systems. That gained them information about how to access other internal applications.

On July 15, the hackers targeted Twitter employees who had access to certain internal tools to help take over accounts. Some of them were part of the department responsible, in part, for responding to sensitive global legal requests, such as court orders or content removal requests, as well as for developing and enforcing policies to prohibit abusive online behaviour.

Initially, the hackers went after valuable so-called “original gangster” (“OG”) Twitter usernames, which are usually designated by a single word, letter, or number and adopted by Twitter’s early users.  Access to a hijacked OG account could be resold for bitcoin. To show off their prowess, the hackers tweeted screenshots of one of the internal tools from some of the accounts.

Next, the hackers upped their game, going after “verified” accounts of well-known people who want the blue verified badge as a source of authenticity. But a hacked verified account would make fraudulent demands for bitcoin appear more legitimate. The first hijacked verified account belonged to a cryptocurrency trader—direct messages sent from that account asking for 0.01 bitcoin for trading information. After hijacking Twitter accounts of cryptocurrency exchanges, the hackers sent tweets suggesting a bitcoin giveaway, with a link to a scam address. Finally, the attackers gained access to verified accounts of celebrities and fired tweets with the scam offer to millions of their followers.

Exchanges moved quickly

Overall, 130 Twitter user accounts were compromised. Of those, 45 accounts were used to send tweets. Hackers also downloaded data from seven of those accounts through Twitter’s “Your Twitter Data” (“YTD”) tool, which provides a summary of a Twitter account’s details and activity.

The report says the hackers stole approximately US$118,000 worth of bitcoin through the scam.

The report credits cryptocurrency exchanges whose Twitter accounts were hacked with responding quickly to block impacted addresses after being notified by the regulator. Still, Gemini, Square, and Coinbase said that a handful of customers fell for the scam and transferred $22,000 in bitcoin to the hackers’ accounts.

But it came down hard on Twitter, particularly for not having a CISO for seven months before the hack. “A lack of strong leadership and senior-level engagement is a common source of cybersecurity weaknesses. Strong leadership is especially needed in 2020 when the COVID-19 pandemic has created a host of new challenges for IT and cybersecurity. Like many organizations, in March, Twitter transitioned to remote working due to the pandemic. This transition made Twitter more vulnerable to a cyberattack and compounded existing weaknesses.”

‘Didn’t implement significant compensating controls”

Early in the year, the department issued guidance to its regulated firms to identify and assess the new security risks created by remote working because of the pandemic, the report indicated. But Twitter was dragging its heels.

“Twitter did not implement any significant compensating controls after March to mitigate this heightened risk to its remote workforce, and the hackers took advantage.

“To its credit, Twitter has advised the Department that it is now implementing additional security controls to prevent similar attacks in the future, such as improved MFA and additional training on cybersecurity awareness, and in late September 2020, it announced the hire of a new CISO. But the consequences of the Twitter Hack show why it is critical for Twitter and other social media companies to implement robust controls before they experience a cyber incident, not after.”

Among the report’s recommendations are that cryptocurrency exchanges have to proactively identify and quickly block addresses known to be used by fraudsters. It also says that — where possible — some companies are restricting cryptocurrency asset transfers only to addresses that have already been approved. However, adding a new address can take a day or more.

“Twitter’s access management and authentication failed to prevent unsophisticated hackers from getting to the powerful internal tools,” the report notes. While Twitter limit access to the internal tools, over 1,000 employees still had access to them for job functions, user account maintenance and support, content review, and responses to reports of Twitter Rules violations. Since the hack, Twitter has further limited the number of employees with access to internal tools, even though it caused a slowdown of some job functions.

The report also says Twitter has abandoned application-based MFA in favour of a physical security key.

Finally, the report suggests a U.S. federal regulator be created to oversee social media platforms. “The risks posed by social media to our consumers, economy, and democracy are no less grave than the risks posed by large financial institutions,” it argues. “The scale and reach of these companies, combined with the ability of adversarial actors who can manipulate these systems, require a similarly bold and assertive regulatory approach.”

The post Twitter slammed by U.S. regulator over bitcoin scam first appeared on IT World Canada.

Six Russian military officers indicted by U.S. grand jury for huge cyber attacks

Six members of Russia’s military intelligence unit have been accused of being behind some of the biggest known cyberattacks, including the NotPetya wiper, which caused over $1 billion in losses around the world, and malware that twice knocked out power to large parts of Ukraine.

The U.S. Justice Department said Monday that a federal grand jury in Pittsburg returned an indictment accusing the hackers and their co-conspirators of conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

The alleged purpose of the attacks was to support Russian government efforts to undermine, retaliate against, or destabilize:

  • The neighbouring countries of Ukraine and Georgia;
  • The 2017 elections in France. It’s alleged the conspiracy included spearphishing campaigns and related hack-and-leak efforts targeting French President Macron’s “La République En Marche!” (En Marche!) political party, French politicians, and local French governments;
  • Efforts to hold Russia accountable for its use of a weapons-grade nerve agent, Novichok, in the U.K. This relates to April 2018 spearphishing campaigns targeting investigations by the Organisation for the Prohibition of Chemical Weapons (OPCW) and the United Kingdom’s Defence Science and Technology Laboratory (DSTL) into the nerve agent poisoning of Sergei Skripal, his daughter, and several U.K. citizens;
  • The 2018 PyeongChang Winter Olympic Games in South Korea after Russian athletes were banned from participating under their nation’s flag as a consequence of Russian government-sponsored doping effort. This refers to cyberattacks, which culminated in the Feb. 9, 2018, destructive malware attack against the opening ceremony, spearphishing campaigns and malicious mobile applications targeting South Korean citizens and officials, Olympic athletes, and partners and visitors, and International Olympic Committee (IOC) officials.

The New York Times quoted the Russian Embassy in Washington as strongly denying the allegations. “It is absolutely obvious that such news breaks have no bearing on reality and are aimed at whipping up Russophobic sentiments in American society, at launching a ‘witch hunt’ and spy mania, which have been a distinctive feature of the political life in Washington for several years,” the embassy’s press office said.

The six allegedly were behind the KillDisk and Industroyer malware, which caused blackouts in Ukraine in December 2015 and December 2016; the NotPetya wiper worm, which caused nearly $1 billion in losses to three companies along; and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 PyeongChang Winter Olympics.

All are alleged to be officers in Unit 74455 of the Russian Main Intelligence Directorate of the Russian army (GRU). They are believed to be in Russia and unlikely to ever face trial in the U.S.

Released in 2017, NotPetya is believed to have been originally aimed at people in Ukraine because those behind it began by compromising the update mechanism for a Ukrainian tax software called MEDoc. But experts believe it escaped to infect computers in 65 countries that hadn’t installed a Windows patch Microsoft had recently released. That led to many infosec pros arguing that good patch management could have stopped the spread of the worm.

Among the companies whose IT systems were badly battered by the worm were shipping company Maersk, FedEx’s TNT division in Europe and pharmaceuticals manufacturer Merck. Merck was quoted as initially estimating recovery costs would hit US$175 million, plus another $135 million in lost sales. FedEx initially claimed it lost US$400 million due to lost business.

Merck made a cyber insurance claim for US$1.3 billion to cover restoring or replacing servers and PCs and loss of business. However, its insurers have refused to pay, arguing the incident was an act of war. The dispute is still before U.S. courts.

Less than a year later, U.K. government cyber analysts pointed the finger at Russia, a conclusion Canada agreed with.

Cybersecurity researchers have the gang behind these attacks by various names, including “Sandworm Team,” “Telebots,” “Voodoo Bear,” and “Iron Viking.”

“No country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite,” National Security Assistant Attorney General John Demers said in a statement. “Today the department has charged these Russian officers with conducting the most disruptive and destructive series of computer attacks ever attributed to a single group, including by unleashing the NotPetya malware.  No nation will recapture greatness while behaving in this way.”

“The FBI has repeatedly warned that Russia is a highly capable cyber adversary, and the information revealed in this indictment illustrates how pervasive and destructive Russia’s cyber activities truly are,” said FBI deputy director David Bowdich.  “But this indictment also highlights the FBI’s capabilities. We have the tools to investigate these malicious malware attacks, identify the perpetrators, and then impose risks and consequences on them.  As demonstrated today, we will relentlessly pursue those who threaten the United States and its citizens.”

U.S. authorities thanked the governments of the U.K., Ukraine, Georgia, New Zealand and South Korea for their help, as well as Google, Cisco Systems, Facebook and Twitter.

The post Six Russian military officers indicted by U.S. grand jury for huge cyber attacks first appeared on IT World Canada.

SpaceX granted basic telecom license in Canada

The Canadian Radio-Television and Telecommunication Commission (CRTC) is granting Space Exploration Technologies Corp., also known as SpaceX, a Basic International Telecommunications Service license (BITS).

In an Oct. 15 letter to Bret Johnsen, chief financial officer of Space Exploration Technologies, the CRTC said it granted the license “after consideration of the comments received.” A BITS license allows a company to provide international telecommunication services but does not allow it to operate as an internet service provider within the issuing nation.

SpaceX had filed a request for a BITS license in June 2020 with the aim of eventually providing internet service to remote areas in Canada.

The CRTC noted that it has received 2,585 interventions regarding the company’s BITS application.

The CRTC’s letter clarified that “all entities who provide services as a facilities-based carrier must at all times comply with the appropriate regulatory framework, including the ownership and control requirements of section 16 of the Act and the Canadian Telecommunications Common Carrier Ownership and Control Regulations.”

SpaceX’s Starlink program operates a network of low-orbit satellites that can beam internet to anywhere on Earth. On Sunday, the company launched 60 more satellites, expanding its fleet count to 835. There’s still a ways to go for ubiquitous global coverage, however, as SpaceX wants to launch at least 120 new satellites every month and eventually deploy 12,000 satellites to low-orbit.

SpaceX claimed that its Starlink program can provide 100Mbps downlink with a 30ms latency. At this speed, it would take about a second to download a 10MB file. Although satellites can deliver internet to areas that don’t allow for radio towers, they’re also more susceptible to interference from inclement weather.

Above, a row of Starlink Satellites march through the night sky over Leiden, Netherlands in 2019. Video credit: Marco Langbroek, Vimeo.

The post SpaceX granted basic telecom license in Canada first appeared on IT World Canada.

Proposed new body may break UN logjam over cyberspace governance

For more than 20 years, countries have been trying to negotiate some way to bring order over cyberspace. During those years cyberattacks have only increased.

In fact, for the past three years, two United Nations bodies — the Group of Governmental Experts (GGE) and the Open-Ended Working Group on security (OEWG) — have separately been working on the same governance issues, with little progress to show. This is often portrayed as fighting between Western and authoritarian governments.

However, some experts, including Josh Gold, a former research assistant at the University of Toronto’s Citizen Lab who specializes in cyber governance, think a quiet proposal by France and Egypt earlier this month may pave the way to getting something done.

Called a Programme of Action on Advancing Responsible State Behaviour in Cyberspace (PoA for short), it suggests creating a new body that can split governance into several issues to be dealt with individually. Where there is consensus, countries will start acting. Where there isn’t, those issues will be left alone.

A problem with both the GGE and OWEG is they both rely on consensus. If one country objects, resolutions fail. A cyber PoA gets around that. Its goal would be urging countries to implement cyber principles they agreed to in 2015.

It’s one of several suggestions for ending the dual-track GGE and OWEG talks on norms for cyberspace and moving to a single body. The future of the OWEG will be discussed in December.

If there is unanimous approval the PoA proposal could be part of the OEWG’s final report, which is scheduled for release in March 2021.

Related

Canada among countries calling for rules-based control over cyberspace

 

A cyber PoA “could eliminate redundancy, duplication, and the added cost of having two bodies dealing with essentially the same thing,” Gold, who just left Citizen Lab, said in an interview last week.

Gold said the proposal hasn’t even been finalized or officially made public. Among diplomats, it’s called a “Food for Thought” document. However, it is getting notice.

Earlier this month a blog by two French researchers argued that a cyber PoA “allows for concrete discussions and progress within working groups devoted to specific issues.” In that sense, they wrote, it could combine the best of the Group of Experts and the Open-Ended Working Group.

Gold also said Australia recently released an informal discussion paper outlining the pros and cons of the proposal.

Meanwhile, Russia, which insisted in 2018 on creating the OEWG on security, is now proposing creating a new Working Group with a five-year mandate. To some that essentially would keep countries just talking.

By contrast, the cyber PoA, which is based on a 20-year-old UN program for limiting the international distribution of small arms, is aimed at accomplishing goals. The suggestion is it would start with a “political declaration” reaffirming that international law applies in cyberspace and the 11 norms of responsible state behaviour in cyberspace agreed by consensus in the 2013 and 2015 GGE sessions. Crucially, the 2015 agreement was adopted by the entire UN. After that, the goal of the PoA would be getting countries to implementing what has already been agreed to.

Briefly, the 2015 GGE:

  • Recognizes the principle of state sovereignty, the settlement of disputes by peaceful means, and non-intervention in the internal affairs of other States, applies to cyberspace.
  • Recognizes that states must comply with their obligations under international law to respect and protect human rights and fundamental freedoms.
  • Agrees that UN should play a leading role in developing common understandings on the application of international law and norms, rules and principles for responsible State behaviour.
  • Agrees with other norms, rules, and principles on the responsible behaviour of States. One was that countries should not conduct cyber activity that intentionally damages critical infrastructure. Another is that states should not harm authorized computer emergency response teams (CERTS).

A cyber PoA would focus on how countries are implementing these principles. The suggestion is it would meet every year, with nations publicly presenting their progress. The world would see who isn’t progressing. Every five years there would be a consensus-based review conference, which would potentially allow the introduction of new norms or resolutions.

So far 40 countries have signed on to the proposal including Egypt, Singapore, Japan, Norway, Ecuador, Gabon, the United Kingdom and the European Union. Canada and the U.S. aren’t among them.

In response to a question from IT World Canada, Global Affairs Canada said the government is interested in the Programme of Action proposal. “The proposal offers a way forward that would allow the UN and the international community to focus on implementing the acquis of previous UN Groups of Governmental Experts when it comes to norms of State behaviour, confidence-building measures and the applicability of international law in cyberspace.

“Canada welcomes the broad and diverse support that this proposal has received among UN member States and looks forward to discussing this proposal in more detail at the December 1-3 OEWG informal meeting, which will focus on the future UN cyber mechanism.”

A separate UN body is also looking at possible rules to smother cybercrime. Called the ad hoc committee of experts on cybercrime, it was created in December 2019. Before COVID-19, it had been scheduled to meet in New York in August 2020. So far, Russia has support for a resolution proposing the creation of a global cybercrime treaty. However, Global Affairs Canada says Canada and others believe nations should use existing tools. One of them is the 2004 Budapest Convention, which sets out common procedures for law enforcement co-operation in cybercrime cases. One expert says Russia’s attempt to get a treaty advances its long-standing goal of replacing the Budapest Convention.

The GGE approach had been showing promise until 2017 when countries failed to reach a consensus on a final report.

Gold was watching the OWEG as part of his work for Citizen Lab, even attending three sessions as an observer in New York before the pandemic shut down in-person meetings. In a column for the Council on Foreign Relations, he summarized proposals made to the OWEG in April.

About 120 countries have either joined statements of others or given statements, he said. “That’s been really valuable for different countries to hear what others are thinking, and it helps with the back and forth. A lot of countries understand things better. Not every country has diplomats who have been dealing with cybersecurity issues for decades, so this [discussion] helps get other countries on the same level. The whole group serves as a confidence-building measure in that when things are tense or when views are misunderstood there’s a forum where countries can get together and speak.”

At the moment the second draft of a final resolution is circulating. Canada is among the countries proposing changing certain wording of the draft including guidance on implementing the norms agreed to by the 2015 GGE.

Since physical meetings of the OEWG have been replaced with phone calls it’s hard to assess the mood, Gold said. There are new proposals from the informal September meetings, but he says the movement is “stagnating.” There are also meeting proposed for November and December.

Asked if at this point there is a movement to the necessary consensus, Gold said, “based on what I’ve heard from diplomats they give it a one out of three or 50/50 chance of a [final] report.”

The post Proposed new body may break UN logjam over cyberspace governance first appeared on IT World Canada.

University of Calgary launches master of data science and analytics degree

The University of Calgary is adding a new graduate program to help people with different disciplines become data scientists.

The Master in Data Science and Analytics (MDSA), which was unveiled this week, is a graduate degree program offered through a collaboration between the Faculty of Science, the Haskayne School of Business, the Cumming School of Medicine, and the Faculty of Graduate Studies.

According to the university, the new program is aimed at building capacity in Canada’s growing digital economy. Statistics Canada says the country’s digital economy – which itself isn’t an industry but for a sense of scale we’ll ignore that for a moment – was larger as a proportion of the total economy than mining, quarrying and oil and gas extraction (4.8 per cent), transportation and warehousing (4.6 per cent) and utilities (2.4 per cent) in 2015. On an annual basis, the digital economy increased more than the total economy every year except in 2011 and 2017 when Canada experienced strong growth in the energy sector.

“Realizing the changing needs in an increasingly data-driven economy in Alberta, Canada, and around the world, the new program will fill an important niche in meeting the needs of students with an interest in re-skilling and up-skilling towards the tech sector,” said Dr. Bernhard Mayer, PhD, interim Faculty of Science dean. “Students in the master of data science and analytics program can expect a leading-edge education that will help them transition to important roles in Canada’s tech economy.”

The University’s website says fundamental data science, business analytics, and health data analytics and biostatistics are the program’s three areas of focus. The degree can be completed full-time in 16 months (or 12 months if students choose an accelerated pathway) or part-time through a stackable certificate and diploma pathway.

Applications to the Master of Data Science and Analytics are currently being accepted for classes beginning in September 2021.

The post University of Calgary launches master of data science and analytics degree first appeared on IT World Canada.

Trickbot botnet disrupted by Microsoft and alliance of tech companies

Microsoft says it, and several tech companies, have at least temporarily taken down the Trickbot botnet, a Russian-based network of devices that has infected more than a million computers since 2016 and is behind scores of ransomware attacks.

“We disrupted Trickbot through a [U.S.] court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world,” Microsoft said in a statement Monday. “We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.”

Other tech companies involved in the effort included ESETLumen’s Black Lotus LabsNTT and Symantec. Also involved was the Financial Services Information Sharing and Analysis Center (FS-ISAC).

Microsoft says these moves represent a legal approach that its Digital Crimes Unit is using for the first time to get the court order: Copyright claims against Trickbot’s malicious use of its software code. “This approach is an important development in our efforts to stop the spread of malware, allowing us to take civil action to protect customers in the large number of countries around the world that have these laws in place.”

Criminals being well-funded and with the ability to find other systems to host their malware, it isn’t clear how long Trickbot will be out of commission. In fact, Microsoft took care to say it has “disrupted” the botnet. “We fully anticipate Trickbot’s operators will make efforts to revive their operations,” Microsoft acknowledged, adding, “we will work with our partners to monitor their activities and take additional legal and technical steps to stop them.”

Cyber criminals are tenacious. The re-birth of the Emotet botnet in 2019 is a recent example. It was down for four months after its command and control (C&C) servers had been shut down — either by law enforcement or a security researcher. But operators may have shut it down to rebuild the infrastructure.

UPDATE: ZDNet reports that the Trickbot operators have replaced the seized domains and command and control servers with new infrastructure.

In a statement, ESET said that over the years Trickbot compromises have been reported in a steady manner, making it one of the largest and longest-lived botnets. “Trickbot is one of the most prevalent banking malware families, and this malware strain represents a threat for internet users globally,” said Jean-Ian Boutin, the company’s head of threat research.

“Throughout its existence, this malware has been distributed in a number of ways. Recently, a chain we observed frequently is Trickbot being dropped on systems already compromised by Emotet, another large botnet. In the past, Trickbot malware was leveraged by its operators mostly as a banking trojan, stealing credentials from online bank accounts and trying to perform fraudulent transfers.”

What makes Trickbot so dangerous, says Microsoft, is its modular capabilities that constantly evolve, infecting victims through a “malware-as-a-service” model. “Its operators could provide their customers access to infected machines and offer them a delivery mechanism for many forms of malware, including ransomware. Beyond infecting end-user computers, Trickbot has also infected a number of “Internet of Things” devices, such as routers, which has extended Trickbot’s reach into households and organizations.”

Trickbot’s operators can also quickly tailor its spam and spear-phishing campaigns. Recent messaging topics have included Black Lives Matter and COVID-19. Microsoft believes Trickbot has been the most prolific malware operation using COVID-19 themed lures.

Trickbot is also known to deliver the Ryuk crypto-ransomware.

The post Trickbot botnet disrupted by Microsoft and alliance of tech companies first appeared on IT World Canada.

Five Eyes countries press for back doors into applications, again

Canada has again joined its partners in the Five Eyes intelligence co-operative and is calling on tech companies to work with governments to find a legal way around their end-to-end encryption.

In a news release over the weekend, senior cabinet officials from Canada, the U.S., the United Kingdom, Australia and New Zealand, as well as the governments of India and Japan, urged the industry to address concerns that encryption in their products helps criminals by precluding any legal access to unlawful communications.

“Particular implementations of encryption technology … pose significant challenges to public safety, including to highly vulnerable members of our societies like sexually exploited children,” officials wrote.

The governments are asking industry to help find “reasonable, technically feasible solutions” that do the following:

  • Embed the safety of the public in system designs, thereby enabling companies to act against illegal content and activity effectively with no reduction to safety, and facilitating the investigation and prosecution of offences and safeguarding the vulnerable.
  • Enable law enforcement access to content in a readable and usable format where a (court) authorization is lawfully issued, is necessary and proportionate, and is subject to strong safeguards and oversight.
  • Engage in consultation with governments and other stakeholders to facilitate legal access in a way that is substantive and genuinely influences design decisions.

The demand by governments and law enforcement agencies for lawful access to encrypted communications has been going on for years, and been resisted by privacy experts for just as long.

It’s being raised again, says the statement, because of proposals to apply end-to-end encryption across major messaging services. Many services including WhatsApp and Telegram already offer it. Zoom has been testing it since July.

The issue last hit headlines in the summer of 2019 when the University of Toronto’s Citizen Lab condemned then-Public Safety Minister Ralph Goodale for changing Canada’s policy on lawful access. Before then, Canada said it favoured strong encryption in products to protect citizens. However, after Goodale signed a Five Eyes communique urging tech companies to include “mechanisms in the design of their encrypted products and services whereby governments, acting with appropriate legal authority, can obtain access to data in a readable and usable format.”

Citizen Lab hit back. “In advancing an irresponsible encryption policy that would deny individuals and businesses access to strong encryption, [Ralph Goodale, Minister of Public Safety] and the Government of Canada have failed to publicly acknowledge and present the range of serious harms that would follow should companies voluntarily, or under compulsion, adopt the government’s current policy,” it said.

Briefly, privacy and many encryption experts argue that what governments want is a back door into systems so they can read communications of crooks and nation-states. However, they say even if any back door system needs judicial approval a hole is a hole, and it can be exploited by any skilled attacker. There is no such thing, they argue as a process that can only be used by governments. As a result, such back doors or processes end personal privacy.

The weekend communique acknowledges that technology companies use encryption to protect their users. But, the release also says, law enforcement must find a way to respond to “illegal content, child sexual exploitation and abuse, violent crime, terrorist propaganda and attack planning.” In fact, the Five Eyes argue, end to end encryption hobbles tech companies own efforts to fight these threats.

All that is being asked, according to the Five Eyes community, is for law enforcement agencies to access content “in limited circumstances where necessary and proportionate to investigate serious crimes and protect national security.”

“We challenge the assertion that public safety cannot be protected without compromising privacy or cybersecurity,” the statement reads.  “We strongly believe that approaches protecting each of these important values are possible and strive to work with industry to collaborate on mutually agreeable solutions.”

Suggestions include creating master decryption keys that, in theory, only law enforcement agencies can access with a court order; giving police the ability to get a court order to compel suspects to decrypt their conversations; or creating a way that allows third parties to lawfully listen in to encrypted conversations or messages.

The post Five Eyes countries press for back doors into applications, again first appeared on IT World Canada.

AMD announces Ryzen 5000 series processors and Zen 3 architecture

The wait is no more. AMD lifted the curtains off of its Ryzen 5000 series processors and its Zen 3 core architecture at its “Where Gaming Begins” conference yesterday.

Zen 3, like Zen 2, uses a separate CPU die and I/O die on the same package. The CPU die is manufactured using TSMC’s 7nm node, while the I/O die is made on the 12nm node. Separating the I/O die and CPU dies help with yields as smaller chips are easier to manufacture.

Zen 3 package shot. The top two smaller dies (CCD) are the CPU cores. The bottom large die is the I/O die that holds controllers for memory and ports. Image source: AMD presentation capture.

AMD’s Zen 3 architecture continues to improve on Zen 2’s modular design. In the previous generation, AMD’s Ryzen 3000 series desktop processors used multiple core chiplet dies (CCD) consisting of two 4-core compute core complexes (CCX) connected over the Infinity Fabric Interconnect. Each CCX had its own, separate 16MB cache. With Zen 3, AMD has unified the pools of cache into a single 32MB pool, thus decreasing latency and increasing resource sharing across the cores.

Mark Papermaster, chief technology officer at AMD, detailed Zen 3’s revamped core and unified L3 cache layout. Image source: AMD presentation capture.

AMD has also reworked the front to back operation stack, including widening the integer and floating-point execution units (EU), load/storage operations, and the branch predictor. AMD also announced a feature called “Zero Bubble” that hides latency, a major roadblock of previous generations of Zen architectures.

All of Zen 3’s architecture changes amounted to 19 per cent IPC improvement. Image source: AMD presentation screen capture

All-in-all, AMD claims that Zen 2 will have 19 per cent higher instructions per clock while being 24 per cent more power-efficient compared to Zen 2. Further, it underscored Zen 3’s single-threaded performance by demonstrating the Ryzen 9 3900X achieving 631 points in Cinebench R20, a rendering benchmark. The company claimed that this is the first processor to break the 600 points barrier in the benchmark.

AMD director of technical marketing Robert Hallock said that the Ryzen 9 5900X is the first to break the 600 points mark in the single-thread Cinebench R20 test. Image source: AMD presentation screen capture.

The initial launch lineup on Nov. 5 will have four SKUs: the Ryzen 9 5950X, Ryzen 7 5900X, Ryzen 7 5800X, and the Ryzen 5 5600X.

Model AMD Ryzen 9 5950X AMD Ryzen 9 5900X AMD Ryzen 7 5800X AMD Ryzen 5 5600X
Cores/Threads 16/32 12/24 8/16 6/12
TDP 105W 105W 105W 65W
Boost/Base frequency  4.9GHz / 3.4GHz 4.8GHz / 3.7GHz 4.7GHz / 3.8GHz 4.9GHz / 3.4GHz
Cache 72MB 70MB 36MB 35MB
Cooler N/A N/A N/A Wraith Stealth
Price US$799 US549 US$499 US$299

There is a price hike this time around. All Ryzen 5000 series processors cost $50 more than the products they’re designed to replace. Moreover, AMD has pulled the stock coolers from the Ryzen 7 5900X and the Ryzen 7 5800X which, in the previous generations, granted it a big value lead compared to Intel processors.

For the first time in a long time, AMD processor prices have outpaced Intel’s. At MSRP, the Ryzen 7 5800X costs US$125 more than Intel’s Core i7-10700K ($499 vs. $374), which brings it into price parity with Intel’s consumer flagship CPU, the 10-core Core i9-10900K. The price difference narrows on the mid-range, though, with the Ryzen 5 5600X being just $37 more than the Core i5-10600K (US$299 vs. US$260). The increased prices hint at AMD being confident that its products will win against Intel’s Comet Lake-S. With that said, Intel’s Rocket Lake processors–built on Intel’s 14nm process–is expected to land March 2020 to challenge the market.

Initial processor launch lineup. Image source: AMD presentation screen capture

Finally, the Ryzen 5000 series will be the last generation of processors to use the AM4 socket. The socket is now 4 years old and has lasted through three generations of Ryzen processors.

Motherboards with AMD’s 500 series chipsets will natively support the new Ryzens. Motherboards with the 400 series chipsets, however, will have to wait until January for the new beta BIOS to be released. The upgrade is forward only for X470 and B450 motherboards, meaning that once the BIOS is flashed, they will no longer support older generations of Ryzen processors. To avoid a “no-boot” situation, users will need to provide proof that they’ve purchased a Zen 3 desktop processor and a 400 series motherboard before they can download the BIOS.

AMD has also confirmed that its 5nm products are on track and that its graphics solutions built on “Big Navi” will be announced on Oct. 21.

Read our previous coverages for backgrounders on the topics covered here.

Correction: Intel Rocket Lake is set to arrive in March 2021, the article has been amended to increase accuracy.

The post AMD announces Ryzen 5000 series processors and Zen 3 architecture first appeared on IT World Canada.