Hacking the Yukon

Securing your data is on you

The internet has connected the Yukon to the outside world in new and amazing ways.

It has also connected us to the world of hackers. They aren’t dissuaded by distance, cold or isolation. Indeed, the only thing that can stop them is when the backhoe operators of Fort Nelson sever our lone fibre optic cable.

Like mosquitoes or squirrels in the cabin attic, they are now an unwelcome and permanent part of life in the North. And they pose new and significant risks for Yukoners and our businesses.

Last week, the Yukon Workers’ Compensation Health and Safety Board disclosed that an “unknown party” had gained access to the names and email addresses of 270 people. Fortunately, the system that was breached did not also contain the most sensitive personal information in the organization’s files.

Organizations in Canada are now required to report such incidents, depending on their nature and the kind of personal information involved, to the national privacy commissioner as well as affected people and sometimes other organizations who may have similar risks. If you haven’t already received such notifications, you surely will.

The WCB went farther than required and held a press conference to explain the incident more fully to Yukoners.

Far from being an organizational embarrassment, that’s a good thing. It makes me as a citizen more confident they are taking their obligations seriously, and I was reassured to learn scam artists had not downloaded everyone’s personal health and financial information files.

Indeed, the fact that only a peripheral system was breached shows the value of security measures such as keeping data and systems compartmentalized.

Things have come a long way from more innocent days when Ferris Bueller used the password “pencil” to log onto his high school principal’s system and erase how many times he skipped school. Now the stakes are much higher, with billions of dollars flowing around our economy, industrial control systems managing things like oil pipelines or traffic lights, and your most sensitive personal information at stake.

There are lots of scare stories out there, many of them true. Edmonton’s McEwan University admitted last fall that hackers had tricked staff into mistakenly transferring $11.4 million to the wrong bank accounts. That’s an astonishing 10 per cent of McEwan’s annual government grant.

The hackers used fake “phishing” emails and imposter websites to impersonate the university’s usual suppliers and convince staff to pay bogus invoices.

Much of the money was recovered, but an $11.4 million haul is an incentive for hackers to put a lot of effort into tricking the target. Think Ocean’s Eleven, not badly spelled emails asking you to transfer millions to a Nigerian prince down on his luck.

It seems to be happening to everyone. A number of Yukoners have told me of incidents at their organizations or in their personal lives. These range from fraud to identity theft to hackers putting ransomware on your website.

Identity theft is when villains use your electronic details to impersonate you by, for example, getting a loan. Ransomware is software that encrypts your data or system until you pay up, usually via electronic crypto-currency.

The consequences can range from minor to severe. You may not care that your internet cat videos have been encrypted by ransomware, but if you lose your clients’ personal data or have your accounting system crippled it could cost you big bucks. The Canadian Federation of Independent Business says 60 per cent of small businesses go out of business within six months of an attack.

So what should Yukoners do?

For citizens, we all need to up our online game. Just like we know not to leave our bicycles unlocked and to keep our most sensitive documents in bank safety deposit boxes or safes, we need to learn the basics of managing our online risks. And like protecting your bicycles and retirement savings, there is a range of things you should do depending on how valuable your different “digital assets” are.

Start with the basics. According to the UK’s Independent newspaper, the five things key things are: use complex passwords, do not click on email links or attachments you don’t trust, avoid pop-up windows, check website URLs before you type in your password to make sure they are legitimate and not pretending to be something trustworthy like your bank, and keep your anti-virus software up to date.

Some people, especially those in the public eye, go even farther with security measures such as two-factor authentication on their emails. One version of this involves having an app on your phone that generates a number you need to log onto your email in addition to your password. This way, someone can steal or guess your password but still be kept from compromising your account.

If you run a business or non-governmental organization or are on the board, things are more complicated.

Boards are responsible for the whole organization, including its data and systems. The days of assuming the IT dude has it all under control are long gone.

Managers must work with their boards and staff to manage the issue. It has joined the managerial to-do list along with finance, legal, human resources and other core business responsibilities. Fortunately, there are a growing number of places you can get advice and support. Ask your lawyer or accountant for suggestions on who can help you, and check out the online resources of organizations such as the Canadian Chamber of Commerce.

If this seems like an annoying addition to your to-do list, you’re right. But as a parent may have told you in the old days, it takes less time to lock your bike than look for it after it goes missing.

Keith Halliday is a Yukon economist and author of the MacBride Museum’s Aurore of the Yukon series of historical children’s adventure novels. He is a Ma Murray award-winner for best columnist.

hackingYukonomist

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Arrest made in 2019 Ross River murder

Phillip Atkinson, 63, has been charged with first-degree murder in the death of Mary Ann Ollie

Brother of slain Carmacks man wants review of Yukon justice system

Lennie Charlie’s brother, Wilfred “Dickie” Charlie, was killed by Mario and Tyler Skookum in 2017

Council turns down zoning amendment

Property owners will not be permitted to add a suite to their RR-zoned home

Tr’ondëk Hwëch’in issues voluntary closure on fall chum fishing

The closure comes during the worst fall chum run on record

Yukon government will fund one type of glucose monitors for adults

The Yukon T1D Support Network says coverage needs to go further

Lawsuit against Freedom Trails settled

The suit was dismissed with consent of all parties

Tank farm takes another step towards development

OCP designation passes second reading

Climate change strategy targets 30 per cent reduction in territory greenhouse gases by 2030

The strategy includes rebates for electric vehicles but puts off mining targets for two years

Watson Lake to hold mayoral byelection

Residents of Watson Lake will elect a new mayor on Oct. 8.… Continue reading

Teslin Tlingit Council elects chief, deputy chief

Teslin Tlingit Council citizens have elected Eric Morris as the new Naa Sháade Háni

Yukon Party nominates Dixon for Copperbelt North

The new leader was previously the MLA for the riding

Teslin Tlingit Council to hold election

Election day is Sept. 15, 2020

City hall, briefly

A look at decisions made by Whitehorse city council this week

Most Read