News   GLOBAL  |  Apr 02, 2020
 9.7K     0 
News   GLOBAL  |  Apr 01, 2020
 41K     0 
News   GLOBAL  |  Apr 01, 2020
 5.5K     0 

Who is denying that this kind of thing is a problem?

Though to be fair - based on personal experience - the response had been anemic, and the condition of the system atrocious. You can't even hope to make a case of improved transit if you can't even take care of your own house and ensure a system attractive to riders - which frankly is the only thing that mattered as far as a transit system is concerned.

AoD
 
Last edited:
Even before covid at least 1 operator was assaulted daily, someone was killed this week at Jane, these incidents aren't isolated.
With swords?

I don't think there were 365 physical assaults on operators in (pick a year - 2019). What's an assault? Does it include pedestrians giving the driver a finger, when he turns right on red (enters the intersection), with a white walk symbol? Making sarcastic comments about far they are ahead of schedule?
 
More new Queue jump lanes for TTC, this time on St. Clair at Midland, per this report to the next meeting of SCC:


From the above:

1719582015369.png
 
Not about Toronto but an interesting article, 660 assaults but 30,000 calls to special constables. I wonder what our number is like? Afaik we have 8 people on at a time and they patrol in pairs

 
Even before covid at least 1 operator was assaulted daily, someone was killed this week at Jane, these incidents aren't isolated.

Additionally my biggest gripe is most of the time these aren't "normal people" who had a moment of insanity. These are repeat offenders, out on bail weeks or days after their last assault.
if there was a place to detain these people, they would be detained. Defence counsel will tell you that Toronto South and other locations are warehousing pre trial detainees to their limit and beyond. Criminal activity and NCR activity on transit is serious but can’t be divorced from the reality across our society and can’t be fixed in isolation from it.
 
Yet another external Report that is damning of TTC practices. No doubt Rick Leary is not personally responsible but...

https://www.cp24.com/news/ttc-lacke...ernal-warning-years-earlier-reports-1.6947986

A report by the provincial privacy watchdog has found that Toronto’s public transit system was not prepared for the cyberattack that knocked down some of its communication systems and compromised the private information of more than 25,000 employees in 2021 -- despite an internal warning from the commission's security department issued years prior.

The breach, first reported in late 2021, compromised the personal information of approximately 25,000 past and present employees. That information included employee names, addresses, and social insurance numbers (SIN). The attack also took down several customer-facing systems, including trip-planning apps, the TTC website, and the online Wheel-Trans online booking portal.

While the TTC has released few details about the breach, a report authored by Ontario’s Information and Privacy Commissioner (OIPC) that was released in April sheds some new light on what happened, including the fact that it was made possible after an employee fell for a phishing attempt.

The report also suggests that the breach was exacerbated by a failure of the commission to ensure its security software was kept up-to-date, despite having standards in place that instructed otherwise.
 
Yet another external Report that is damning of TTC practices. No doubt Rick Leary is not personally responsible but...

https://www.cp24.com/news/ttc-lacke...ernal-warning-years-earlier-reports-1.6947986

A report by the provincial privacy watchdog has found that Toronto’s public transit system was not prepared for the cyberattack that knocked down some of its communication systems and compromised the private information of more than 25,000 employees in 2021 -- despite an internal warning from the commission's security department issued years prior.

The breach, first reported in late 2021, compromised the personal information of approximately 25,000 past and present employees. That information included employee names, addresses, and social insurance numbers (SIN). The attack also took down several customer-facing systems, including trip-planning apps, the TTC website, and the online Wheel-Trans online booking portal.

While the TTC has released few details about the breach, a report authored by Ontario’s Information and Privacy Commissioner (OIPC) that was released in April sheds some new light on what happened, including the fact that it was made possible after an employee fell for a phishing attempt.

The report also suggests that the breach was exacerbated by a failure of the commission to ensure its security software was kept up-to-date, despite having standards in place that instructed otherwise.
You know, when reports like theese come out for IT in public centers like the toronto library, I just laugh because some companies are spending billions just to prevent people from clicking links in emails.

Every. Single. Time.

The TTC’s forensics investigation found that the threat actor gained access to its system by first compromising a trusted third party’s system. The threat actor then inserted themselves into email correspondence between this third party and the TTC. A TTC employee clicked on a malicious link that seemed to come from the third party, and this allowed the threat actor to access the TTC’s systems via malware. The TTC provided the IPC with a more detailed explanation of how the attack occurred, but asked that those details not be published, due to security concerns.
 
You know, when reports like theese come out for IT in public centers like the toronto library, I just laugh because some companies are spending billions just to prevent people from clicking links in emails.

Every. Single. Time.
We constantly do fake phishing to test people, and people fall for them every time, even the most obvious ones.
 
And what is the result of it, do you revoke those users email access?
ha. good joke. No they maybe get to watch another 30 minute training, but even then thats rare.

I would call most cybersecurity policies "tickboxes"

"do they update their systems"...."yes"...every decade LOL
 
Extra training. We actually have fairly sophisticated material about things to watch out for with phishing. But I think it's fairly rare for anyone to fail the test multiple times.
 
The bank I work for does the random email tests, apparently there's a 80 percent pass rate which now requires not only not clicking the links, but also to actively report it as phishing too (there's a click button in Outlook they added for that).
More recently they've been doing phone tests too, with people calling in doing the old "Oh hi it's [insert name of actual employee] here. I'm rushing from a meeting to another right now with [insert actual client name] so can you quickly give me their account number so I can look it up on the system?"
 

Back
Top