Federal Privacy Commissioner’s Tech Know Blog

Federal Privacy Commissioner’s Tech Know Blog

In November, the Office of the Privacy Commissioner of Canada (OPCC) launched a Privacy Tech-Know blog series aimed at privacy professionals interested in increasing their technical knowledge. The posts are intended to help privacy professionals speak more confidently and accurately about new information technologies and their privacy implications. The OPCC has stated that the series of blog posts planned for the coming months will cover everything from understanding cookies to e-voting systems to license plate recognition.

This first blog piece is this series discusses ransomware, being a form of attacker malware that instead of removing data from a device or system and subsequently searching for a buyer for the data, requires victims to pay the attacker directly in order to (re)access their own devices or data. The piece educates the reader on the different types of ransomware and warns that even if access to data is re-established, it is important to conduct a comprehensive analysis of the attacker’s activity to determine the extent of unauthorized access to individuals’ personal information.

The Ontario Information and Privacy Commissioner’s office published a factsheet on ransomware in July 2016. As outlined in an earlier PRIVATECH blog article, this fact sheet also provides preventative tips on protecting one’s organization from ransomware, as does Kaspersky Lab, a world-leading Internet security organization.

This form of malware has clearly become a major concern for IT departments and needs to be understood and planned for. By some estimates, Canadians are affected by more than 1,600 ransomware attacks per day.

One of the most prevalent ways in which malware, such as ransomware, is introduced on company networks is through e-mail directed at employees within the organization. PRIVATECH has recently developed template e-mail use guidelines to help educate employees on inbound as well as outbound risks and how to minimize them. To order this template as part of our Privacy Documentation Suite Addendum, CLICK HERE. Available till December 15th only, at which time the templates forming the addendum will be integrated into our Suite.