Canada seeing ‘significant increase’ in Russian cyber threat activity: CSE IG News

IG News Updates,

Canada is seeing a “significant increase” in cyberthreat activity by Russian-aligned actors, according to the Communications Security Establishment (CSE), but government websites have not been hacked or compromised in recent attacks.

“These [attacks] are drawing attention, but this does not mean the website has been hacked or any information has been compromised,” Sami Khoury, head of CSE’s Canadian Center for Cyber ​​Security, told Canada’s Important Cyber ​​Security Center on Thursday afternoon. said during a briefing to reporters on threats to infrastructure.

The briefing came after The New York Times reported on the basis of leaked top-secret Pentagon documents that included details of Russian hackers who successfully accessed Canada’s natural gas infrastructure, and in recent days Several Government of Canada webpages were taken offline due to the distribution. Denial-of-service (DDoS) attacks with a pro-Russian hacktivist group claiming to be behind it.

CSE said DDoS attacks occur when an adversary overwhelms a server to deny access to others, but does not hack the site in the process. According to the CSE, since the beginning of this week, there have been “persistent” attempts to disrupt federal government sites as well as sites in Canada’s finance, transportation and energy sectors.

On the critical infrastructure allegations, Khoury said that “there was one confirmed report where a cyber threat actor had the capability to cause physical damage to Canada’s critical infrastructure” but that he could report that any Canadian energy infrastructure was affected. There was “no physical damage” to the structure.

“But make no mistake: The threat is real,” Khoury said.

“A lot happens behind the scenes. There are a lot of things that, you know, we don’t talk about publicly, but we share directly with the operators, because we know we can defend their infrastructure. can help them do that,” he told reporters.

CSE would not say whether there is a connection between the DDoS efforts and allegations of Russian hackers accessing Canadian critical infrastructure.

Defense Minister Anita Anand issued a corresponding statement on Thursday regarding these issues.

Anand’s statement noted that since the beginning of Russia’s invasion of Ukraine a year ago, there has been an increase in this activity on the part of both state actors and pro-Russia non-state actors, but especially in “recent weeks”. This is what happened in me.

The defense minister attributed the activity to Canada’s “resolute support” for Ukraine, and said allies would not be deterred by these Russian efforts, a message Prime Minister Justin Trudeau also stressed Thursday.

Trudeau said, “Clearly, Canada’s apparently strong stance in support of Ukraine and against Russia’s illegal actions is troubling to the Russian government and pro-Russian hackers. Obviously, we will not back down in any way.” The ones aren’t.”

“A few denial-of-service attacks on government websites, bringing them down for a few hours, is not going to cause us to reconsider our unequivocal stance on doing whatever it takes to support Ukraine. “

On Wednesday night, CSE’s Cyber ​​Security Center issued a “cyber flash” to federal government partners and critical infrastructure sectors across Canada with details of this new threat the agency is looking into, and an “ongoing campaign” What is known about

CSE—which is mandated to provide foreign signals intelligence and cyber security expertise to the federal government—says it continues to work with Shared Services Canada to ensure “the websites remain available,” and To “share what we know” in critical infrastructure and offer our help.