Russia-linked cyberattacks on Canada are growing. Here’s what we know

Click to play video: '‘Notable rise’ in Russia-backed cyberattacks against Canada: CSE'
‘Notable rise’ in Russia-backed cyberattacks against Canada: CSE
WATCH: Communications Security Establishment (CSE), Canada's cybersecurity agency, is warning of a recent "notable rise" of cyberattacks by Russia-backed actors, including activity directed at critical infrastructure networks. Mackenzie Gray explains – Apr 13, 2023

Canada’s cybersecurity agency warned that there is a “real” threat of physical damage to the country’s physical infrastructure from cyberattacks on the same day that Prime Minister Justin Trudeau linked Canada’s support of Ukraine to recent attacks attributed to Russia or pro-Russian groups.

Trudeau said Thursday that Canada’s stance on Ukraine is “bothersome” to the Russian government and pro-Russian hackers, but cyberattacks on Canadian websites and critical infrastructure providers won’t change the federal government’s support.

“Obviously, Canada’s unequivocally strong stance in support of Ukraine and against Russia’s illegal actions is bothersome to the Russian government and to pro-Russian hackers,” Trudeau told reporters.

“We are not going to flinch in any way on our steadfast and total support of Ukraine and the cause for which it’s fighting…. Ukrainians right now are fighting for the fundamentals of democracy, for the UN Charter, for the principles and values that underpin our country and so many others.

Story continues below advertisement

“A couple of denial of service attacks on government websites, bringing them down for a few hours is not going to cause us to rethink our unequivocal stance of doing whatever it takes for as long as it takes to support Ukraine.”

A cyberattack on Hydro-Québec knocked out its website and mobile app Thursday.

Hydro-Québec says it was targeted at around 3 a.m. Eastern by a denial-of-service assault — when attackers flood an internet server with traffic and overwhelm it.

The utility says the attack has shut down its website and cellphone application but says its critical systems are not affected.

Breaking news from Canada and around the world sent to your email, as it happens.

It also says there was no data breach and personal data was not compromised.

Pro-Russian groups have claimed responsibility for recent cyberattacks, including on Trudeau’s website and the websites for the Port of Québec and Laurentian Bank.

On Tuesday, Trudeau said “no physical damage was done” to Canadian energy infrastructure that leaked U.S. intelligence suggests was accessed by Russian hackers.

Rise in 'cyber threat activity'

In a conference with reporters Thursday, Sami Khoury, head of the Canadian Centre for Cyber Security, confirmed that a “cyber threat actor had the potential to cause physical damage to Canadian critical infrastructure.”

Story continues below advertisement

“As the prime minister said, I can report there was no physical damage to any Canadian energy infrastructure. But make no mistake: the threat is real,” he said.

Khoury said since Russia’s invasion of Ukraine in February 2022, there has been a “notable rise in cyber threat activity by Russian-aligned actors targeting Ukraine‘s allies,” including Canada, and it is in direct response to the country’s support of Ukraine.

Click to play video: '‘No physical damage’ to Canadian energy infrastructure amid reports of cyberattacks: Trudeau'
‘No physical damage’ to Canadian energy infrastructure amid reports of cyberattacks: Trudeau

He said that the cyber activity is frequently directed at critical infrastructure networks and the IT and operational systems of vital sectors, and those who run the systems must be alerted of the risks.

Russian cyber threat actors have been exploring potential counterattacks against Canada and its allies since early 2022, Khoury said intelligence reporting has found. The threats come from pro-Russian, non-state actors as well as Russian-sponsored actors, who have “almost certainly” stepped up espionage against NATO countries.

Story continues below advertisement

“They’re almost certainly developing cyber capabilities against targets in the European Union and NATO, including the United States and Canada,” he said.

CSE regularly shares indicators of compromise with Canadian critical infrastructure as soon as it gets actionable intelligence, Khoury said, and the agency recently shared a confidential “Cyber Flash” with partners confirming the recent threat to Canada’s infrastructure.

In a statement Thursday, Defence Minister Anita Anand urged Canadian critical infrastructure organizations to follow government recommendations to help protect against cyberattacks. She took the unusual step of laying out specific actions for organizations to take.

“If you run the critical systems that power our communities, offer internet access to Canadians, provide health care, or generally operate any of the services Canadians can’t do without, you must protect your systems,” she said. “Monitor your networks. Apply mitigations.”

Her urging comes as C-26 remains in the House of Commons nearly a year after being introduced. The legislation would let the federal government compel critical infrastructure providers in key sectors to comply with orders to take cybersecurity protective measures, and to keep any orders they receive secret from the public.

— with files from The Canadian Press and Aaron D’Andrea.

Sponsored content