Heartbleed bled out and now, an arrest

The RCMP have managed to track down and arrest the first ne'er do well in London, Ontario. The RCMP have not indicated how they managed to puzzle out who attacked the Canada Revenue Agency. I am curious myself but, not for the same reasons. I'm curious what led a 19 year old from Southern Ontario to think that activity was acceptable.

From RCMP press release:

The RCMP's National Division Integrated Technological Crime Unit (ITCU) has  charged a 19 year old London, Ontario man in relation to the malicious breach of taxpayer data from the Canada Revenue Agency (CRA) website.

Stephen Arthuro Solis-Reyes was arrested at his residence on April 15 without incident. He faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data contrary to Sections 342.1(1)(a) and 430(1.1) of the Criminal Code.

This knuckle head was banging away on the CRA's website because he could. This is indicative of a problem that I have seen too many times. Young men and women who, lacking sage advice, end up making career (and in some cases life) limiting moves. Had   they taken the time to think it through would have had said, "What was I thinking?"

As a member of the security community I'm troubled by this trend that I've been witnessing. How can we reach out to these younger security enthusiasts and help to guide them so that they're not writing themselves a one way ticket to Club Fed?

I realize that there are programs like Safe and Secure Online as well as various mentorship initiatives. I'm just wondering if there isn't more that can be done? We often talk of lessons learned for post incident review. I'm curious as to how we can better capture lessons learned from stories such as this to help guide younger (and in some cases older) folks so that they're not repeating the errors of their peers who have gone before them.

I would love to hear your thoughts on this. Please drop me a comment so we can start the discussion.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags cyber attacksespionageCanada Revenue Agency

More about CRA

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Dave Lewis

Latest Videos

More videos

Blog Posts