Canada’s Foreign Affairs Ministry Pwned By Hackers…. Russia Suspected

Late yesterday it came to light that Foreign Affairs Canada had been hit by some sort of cyberattack with pretty serious consequences according to Reuters:

The incident was detected last Wednesday, a day before Canada’s signals intelligence agency said network operators of critical infrastructure should boost their defenses against Russian state-sponsored threats.

“Critical services … are currently functioning. Some access to internet and internet-based services are currently not working,” said a statement from the Treasury Board, which has overall responsibility for government operations.

As you can tell from that statement, the suspicion is that Russia is behind this. Which isn’t a surprise with their actions against Ukraine and the tensions that it created. Canada doesn’t typically comment on these sorts of things. But I suspect that we’ll hear more about this in the coming days.

UPDATE: Chris Olson, CEO of The Media Trust, had this comment:

“As highlighted by recent events, the ability to disrupt digital channels has become a strategic weapon in today’s geopolitical environment. Shutting off or redirecting websites/mobile apps harms not only consumers looking to access those services but also revenue and communication channels for business and government entities. Avoiding this scenario requires continuous monitoring of client-side experience to detect anomalous activity (domains, vendors) before it propagates and causes extensive damage. Establishing and maintaining digital trust and safety is a priority in 2022.”

UPDATE #2: Saryu Nayyar, CEO and Founder, Gurucul had this comment:

“As Canada’s own intelligence agencies have recommended just prior to the attack, organizations need to upgrade their security capabilities in lieu of potential Russian attacks. Outside of even nation state threats, threat actor groups continue to evolve their campaigns. However, despite existing investments in perimeter and defensive solutions, endpoint, XDR, and SIEM, threat actors are still evading these tools successfully. With stolen credentials and phishing attacks being used to get inside networks easily, upgraded solutions that offer behavioral based threat detection along with adaptable machine learning (ML), not rule-based, and true artificial intelligence models found in a small set of next generation SIEMs are critical to stop these multi-staged attack campaigns.”

One Response to “Canada’s Foreign Affairs Ministry Pwned By Hackers…. Russia Suspected”

  1. […] The Department of Homeland Security reportedly sent out a bulletin Sunday to critical infrastructure operators and local government officials warning of the potential for cyberattacks launched by the Russian government in response to any US involvement in a potential war in Ukraine. This dovetails with the cyberattack on the Canadian government that I reported on earlier today. […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: