Cyber-Attack on Global Affairs Canada
Cyber-criminals have attacked the federal government entity responsible for Canada’s diplomatic and global relations.
Global Affairs Canada was hit on Wednesday – one day before the Canadian Centre for Cyber Security issued a cyber-threat bulletin urging critical infrastructure operators to strengthen their defenses against known Russian-based cyber-threat activity.
“The Canadian Centre for Cyber Security encourages the Canadian cybersecurity community – especially critical infrastructure network defenders – to bolster their awareness of and protection against Russian state-sponsored cyber threats,” stated the bulletin.
Confirmation of the attack came on Monday via the Treasury Board of Canada, which said that “mitigation actions were taken” in response to the incident.
The digital assault left some diplomats without access to certain online services, according to news source The Star.
Canada’s federal government has not said who it believes is responsible for the attack.
In a statement to ABC News, the Treasury Board said: “We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage. We encourage all government and non-government partners to use cyber security best practices.”
The attack came as the United States Department of Homeland Security warned that the US response to a possible Russian invasion of Ukraine could make the US a target of cyber-attacks by the Russian government and its proxies.
A DHS Intelligence and Analysis bulletin sent to law enforcement agencies around the country and viewed by ABC News said: “We assess that Russia would consider initiating a cyber-attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security.”
Commenting on the bulletin, Tim Erlin, VP of strategy as Tripwire said: “The cybersecurity industry has gotten used to tossing around the idea of ‘nation-state’ adversaries, but I think we’ve yet to see cyber-attacks used in concert with a full-fledged military campaign.
“DHS’s warning sets that expectation that something has changed in the threat profile and that organizations should be prepared for a change in the types of attacks they see.”
Erlin warned that simply issuing an alert “doesn’t magically remove the obstacles that are preventing organizations from implementing solid security controls.”
More Stories
Indian Fishermen Are Catching Less Squid
Fishermen in Tamil Nadu are reporting smaller catches of squid. Blog moderation policy. Read More
More on My AI and Democracy Book
In July, I wrote about my new book project on AI and democracy, to be published by MIT Press in...
NHS England Warns of Critical Veeam Vulnerability Under Active Exploitation
NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially...
US Border Agency Under Fire for App’s Handling of Personal Data
Access Now announced that the US Customs and Border Protection agency released records on its app following the NGO’s lawsuit...
IronNet Has Shut Down
After retiring in 2014 from an uncharacteristically long tenure running the NSA (and US CyberCommand), Keith Alexander founded a cybersecurity...
Sonatype Reports 156% Increase in OSS Malicious Packages
A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019,...