Transcript
Transcript: Discover Cyber Security: Abbas's Blunder
[The text "Canadian Centre for Cyber Security | Centre canadien pour la cybersécurité" appears onscreen.]
[The text "Canada School of Public Service | École de la fonction publique du Canada" appears onscreen.]
Abbas' Blunder
Many cyber threats are opportunistic and take advantage of circumstances that will benefit the threat actors.
[A computer with three connecting points, a laptop, and an information system appear with a stack of cash in between them. Target icons then appear on each object.]
Information and IT systems are valuable, and obvious vulnerabilities or easy targets will often be exploited, such as Abbas' mistake.
[Abbas, with glasses and curly hair, appears.]
Meet Abbas.
[SPLIT SCREEN: Abbas is working with his colleague at the same desk; on the other side he is working at his desk at home. Abbas sometimes works at the office and sometimes works from home. A laptop with a screen that says "No Connection, Retry", which then transitions to a screen with a file folder. A pointer appears and clicks on the folder and then the download icon. Four folders appear with the download icon on top.]
Sometimes, he's unable to connect to the work network; so, he's gotten into the habit of copying files onto his desktop, so that he can work on them from home, even when he's not connected.
[Abbas stands next to his white car, which he locks and then walks away.]
One Friday, Abbas came home and left his laptop in the back seat of his car.
[At night, a thief in a burglar suit appears with a flashlight and breaks the window to the car. He then runs away with a laptop bag.]
Someone broke into his car that weekend and stole his work laptop.
[Two threat actors kneel by the laptop bag and pull out a sticky note with passwords written on it. A laptop screen shows a lock opening and many file folders appearing.]
The threat actors found a list of passwords inside the laptop bag and were able to obtain the data stored on the laptop, including some HR documents that Abbas was working on along with several hundred sensitive personal files of employees.
[Abbas has a panicked look on his face while his supervisor reprimands him. His colleagues are at their desks working in the background.]
Abbas' department had to determine what information went missing when the laptop was stolen.
[SPLIT SCREEN: A man panics after finding out that his information was stolen; a laptop screen shows an email with the description "How to protect yourself after a privacy breach."]
Employees whose information was stored on the laptop had to be notified about the privacy breach and the need to protect themselves against a greater risk of future fraud and identity theft.
[A female employee is interviewed about the incident.]
A few of these employees spoke to the press about the breach.
[Bullet points appear.]
Abbas could have kept his department and the employees safe by following his organization's procedures for handling government assets and information, including his laptop, while working from home. He could have spoken to someone about implementing an appropriate workaround instead of circumventing safeguards.
[Green checkmarks appear over the bullet points. A hand writes down passwords on a sticky note next to a laptop with a blank screen. A red 'thumbs down' icon appears on the laptop screen.]
Oh, and let's not forget that writing your passwords down and keeping them near your device is never a good idea. Although this is not a true story, the Government of Canada has had to remedy this type of harm. Avoid repeating Abbas' blunder.
[This video was co-created by: Canadian Centre for Cyber Security | Centre canadien pour la cybersécurité, Canada School of Public Service | École de la fonction publique du Canada.]
[The Government of Canada logo appears.]
