BC firm's materials in space
$10K discrimination ruling
Quesnel pulp mill sold
Inquiry into B.C. port strike
Is decaf coffee bad for you?
Ex-cop tries to quash charge
PM pledges deportations
Trump trial arguments begin
Ghost guns to high court
Nude Beverages sells line
Wealth gap widening
Canadian Honda EV plant 
Leafs even series
Cristall gets pro look
Warriors even series in OT
Swift breaks Spotify record
Cudi Coachella set cut short
Bon Jovi 'hasn't been a saint'
COVID-19 dangers go beyond common symptoms
By Orest Protch
The last year has changed the way Canadians spend their time.
- Online shopping is up 99.3%
- Social media use has increased 72%
- Postings have increased 43%.
Raise your thumb if you count yourself in these numbers. Point your thumb down if you have done nothing to take steps to protect your laptop, cell phone or tablets that you use to go online with from malware, viruses and trackers.
Several hundred million app of Zoom, TikTok and Pokémon have been downloaded even as companies around the world ban their use at work due to hacking worries. Now, add in Facebook and Twitter number increases.
Now, raise your thumb if you use public Wi-Fi to go online when you are out and about. Back when the Westbank water treatment was started, I was one of two operators hired in 2007 to help commission and run it.
We could go to any public Wi-Fi, log into the plant system on our laptops and run and potentially fix problems when the site computer would dial out to let us know there was a problem. Scary stuff. But it was sanctioned and allowed by the district, so we did our job.
The following are just five ways hackers can use public Wi-Fi to steal your identity, your passwords and credit card information and yes, even remotely take over a water treatment plant.
- Shoulder-Surfing. This is data theft where cybercriminals steal personal information or confidential information by peering over your shoulder. This act is much more common than you would ever imagine.
- Sidejacking (Session Hijacking). The attacker uses packet sniffing to read network traffic between two parties to steal the session cookie.
- Man-in-the-Middle Attacks. This is an attack where a third party intercepts communications between two participants.
- Fake Wi-Fi Connections. When you check your device to see if a coffee shop or mall has Wi-Fi and it shows green on the icon, but there are no signs posted on counters or walls showing that there is, this is a good indication to run away.
- Packet Sniffing. Your internet activities are transmitted through many routers and switches en route to their destination. Those packets are susceptible to collection and analysis at each of those points.
If you do a quick internet search, you will find free hacking apps that allow you do all the above. Maybe if you have kids, ask them to show you theirs.
I know of hospitals, clinics and lawyers offices that have been victims of malware. Demands for money after locking up your device. None of your friends or employers will brag about having their devices and systems locked by malware until they cough up anything from a few hundred dollars to tens of thousands.
U.S. Homeland Security and Interpol list water-treatments plants second in line for terrorist attack dangers after nuclear power plants, for potential attacks. And yes, water-treatment plants are being hacked and chemical additions manipulated or stopped.
In Calgary, a water treatment plant may have war-zone razor/concertina wire on top of the fence surrounding it to keep the general public and intruders out, but not around its operator computer terminals.
In the years since leaving the Westbank Powers Creek water treatment plant, I have had to use touch keypads to get behind the razor wire fences at various sites.
Have you ever shared a USB with a friend or relative or taken one to work to copy files?
Do you ever run daily security checks on your USB before you do so?
Most companies and government departments have policies against personal memory devices being used at work. But how many follow the rules? Even Canadian government departments such as CRA have been hacked as well as B.C .Health this past year.
Every year, there is an international hackers convention called DefCon. I have a friend who goes every year. A P-Eng. The convention is huge.
But if you think high school had snobbish cliques, it can take years to get included into some of the convention's inner circles of the secret societies that make up international hacking cells, both private and government.
The U.S. military attends these conventions yearly. Yes they have hackers in their own secret departments as well as the defence contractors having their own. But no one in-house can have all the most recent coding information and keep up to all the new hacking techniques, new viruses or malware programs or know all the backdoors into computer system programs.
So the U.S. military has contests. Contests to hack into their most secret systems. They even have, just like the game show Jeopardy on TV, pre-entry tests to qualify to participate.
In 2019, at the Las Vegas convention, the U.S. Air Force brought along an F-15 fighter-jet data system to have hackers find serious vulnerabilities. They did. The USAF was so pleased with the result that it decided to up the ante.
Last year, they were planning on bringing a satellite. The USAF wanted to let hackers try to hijack an orbiting satellite. But COVID cancelled the convention.
And, yes, kids at these convections show how easy it is to get into voting machines.
Next time, you go to use a public Wi-Fi at a coffee shop, mall or airport, be aware that someone is probably watching, seeing and recording what you are doing. It could be an employee or the teenager at the other table.
Never ever bring a USB or other memory device to your place of employment. And the reverse is true.
Your workplace computer system may already be hacked and you will bring home an exploit waiting to get into your system as soon as you push in that little USB stick.
Nothing sucks more than your device getting locked or even crashed.
Every day, my wife and I run anti-malware, data tracking, sniffer finders and antivirus programs on our devices.
COVID-19 protection is not just about you wearing a mask in public.
Your internet devices need a mask too.
Orest Protch is retired, but was in Ottawa in March 2020 putting on a week-long engineering seminar for a special projects team of the Canadian Department of National Defence (DND).
This article is written by or on behalf of an outsourced columnist and does not necessarily reflect the views of Castanet.
