Public Safety Canada Daily Infrastructure Report
The Public Safety Canada Daily Infrastructure Report is a compilation of summaries of publicly available emergency management information concerning critical infrastructure.
A summary of feedback results is now available.
News | Cyber tracking | Relevant links | Note to readers
DIR10-124 - June 29, 2010
News
Canada and India broaden strategic partnership
On June 27, the Prime Minister’s Office announced that Canada and India signed a nuclear cooperation agreement that will provide Canada’s nuclear industry access to India’s rapidly expanding nuclear market. This civil nuclear cooperation agreement will lift a previous ban on trade in certain products and technologies. President of the Canada–India Business Council Rana Sarkar stated that the agreement will open the doors to thousands of highly qualified workers and to well-paid jobs for Canadians in India’s flourishing nuclear industry. It will also allow Canada to compete for a share of this lucrative market, after similar agreements are signed by the United States, Russia, Korea and Japan.
Source article - Office of the Prime Minister , June 27, 2010
Source article - Canoe.com , June 28, 2010
Government of Canada assists B.C. with 2009 wildfires
On June 28, Public Safety Canada announced that the Government of Canada will cost share eligible expenses incurred by the Province of British Columbia related to the wildfires of 2009 under the Disaster Financial Assistance Arrangements (DFAA) program. From May 2 to November 2, 2009, the Province of British Columbia reported severe wildfires throughout the province. More than 20,000 people were evacuated from their homes and over 212,000 hectares of land were burned. Public and private infrastructure, such as range fencing, culverts, cattle guards, campground facilities and road surfaces, were damaged. The Government of British Columbia has indicated that the initial estimate of damage caused by the wildfires is approximately $75 million. The federal share will be determined in accordance with the DFAA Guidelines, which list eligible expenses and include the sharing formula. Since its inception in 1970, the Disaster Financial Assistance Arrangements program has provided more than $1.9 billion in disaster financial assistance to the provinces and territories.
Source article – Public Safety Canada – June 28, 2010
CCIRC releases advisory AV10-018: Cisco ASA HTTP Response Splitting Vulnerability
On June 29, Public Safety Canada's Canadian Cyber Incident Response Centre (CCIRC) released advisory AV10-018 to bring attention to a vulnerability in Cisco ASA, versions 8.1(1) and prior. Cisco Adaptive Security Appliance (ASA) is vulnerable to HTTP response splitting caused by improper validation of user supplied input. A remote user can exploit this to spoof content on the target ASA appliance, attempt to poison any intermediate web caches or conduct cross-site scripting attacks. Cisco has released a fix to address this vulnerability. CCIRC recommends that departments liaise with the administrators/maintainers of the network service to identify affected products and assess the need to apply the appropriate updates and/or workarounds. Software version 8.1(2) addresses this security flaw.
Source article - Public Safety Canada, June 29, 2010
CCIRC provides a list of recent and archived security publications.
U.S. cybersecurity legislation passes Senate committee
On June 24, the Senate Committee on Homeland Security and Governmental Affairs reported that a cybersecurity bill passed a key Senate committee on June 24. The bill, known as the Protecting Cyberspace as a National Asset Act, would establish a White House Office for Cyberspace Policy to lead federal and private sector efforts to secure critical cyber networks and assets and a National Center for Cybersecurity and Communications to implement cybersecurity policies as they pertain to federal and private sector networks.
Source article - Senate Committee on Homeland Security and Governmental Affairs , June 24, 2010
The Senate Committee on Homeland Security and Governmental Affairs provides the full document Protecting Cyberspace as a National Asset Act.
White House announces draft National Strategy for Trusted Identities in Cyberspace
On June 25, the White House announced the release of the draft National Strategy for Trusted Identities in Cyberspace (NSTIC), which is a blueprint to reduce cybersecurity vulnerabilities and improve online privacy protections through the use of trusted digital identities. This first draft of NSTIC was developed in collaboration with key government agencies, business leaders and privacy advocates and will be finalized in the fall of 2010. Through the strategy, the aim is to enable an environment where individuals can voluntarily choose to obtain a secure, interoperable, and privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc) from a variety of service providers – both public and private – to authenticate themselves online for different types of transactions (e.g., online banking, accessing electronic health records, sending email, etc.). Another key concept in the strategy is that users will be able to have more control of the private information.
Source article – White House, June 25, 2010
The Department of Homeland Security (DHS) provides the draft National Strategy for Trusted Identities in Cyberspace.
Cyber tracking
CCIRC security publications
Over the course of the past 24 hours, CCIRC has released the following security publications, which provide details on specific vulnerabilities and suggested mitigation strategies:
- AV10-018: Cisco ASA HTTP Response Splitting Vulnerability
CCIRC provides a list of recent and archived security publications.
Threat and vulnerability monitoring
CCIRC has not detected any new significant threats or vulnerabilities. Personnel responsible for information, systems and network security should continue to monitor and apply appropriate security precautions.
Relevant links
Below are links to sites related to Canada’s critical infrastructure.
- Food Recalls and Allergy Alerts
Canadian Food Inspection Agency
- Health Advisories, Warnings and Recalls
Health Canada
- Disease Outbreak News
World Health Organization
- Travel Health Notices
Public Health Agency of Canada
- Transportation - Safety
Transport Canada
- Travel Reports and Warnings
Foreign Affairs and International Trade Canada
- Weather warnings for Canada
Environment Canada
- Earthquakes
Earthquakes Canada
- Hurricanes
Canadian Hurricane Centre
- Hurricanes
U.S. National Hurricane Center
- News Releases
Infrastructure Canada
-
Note to readers
Public Safety Canada collects information related to cyber and physical threats to, and events concerning, Canadian critical infrastructure. This allows Public Safety Canada to monitor and analyze threats and to issue alerts, advisories and other information products.
Links to sites not under the control of the Government of Canada are provided solely for the convenience of users. The Government of Canada is not responsible for the accuracy, currency or the reliability of the content. The Government of Canada does not offer any guarantee in that regard and is not responsible for the information found through these links, nor does it endorse the sites and their content.
Public Safety Canada respects the Official Languages Act and is committed to ensuring that information products are available in both English and French. However, users should be aware that some links direct users to sites of organizations or other entities that are not subject to the Official Languages Act and that these sources are only available in the language in which they are written.