No Sooner Warned Than Struck : Russian CyberAttacks
"Canada's Cyber Centre ... is aware of foreign cyber threat activities, including by Russian-backed actors, to target Canadian critical infrastructure network operators, their operational and information technology.""[Attacks could arrive in a range of forms from a] widespread ransomware attack [to a] single, carefully focused [attempt to significantly impact core infrastructure]."Cyber Centre Agency, Communications Security Establishment"The depth of the information provided by the U.S. and the urgency used underlines the seriousness of this situation. These government bulletins do not come without sufficient research and justification.""While we can speculate what exactly drove this alert, the more important message is that the entire world should be watching the heightened tensions surrounding Russia's intentions toward Ukraine and, especially, the recent publicly acknowledged cyberattacks.""A cuberattack on any of Canada's critical support systems could cause crippling disruption to the population and the economy. For this reason, protecting critical infrastructure and the operational technology behind it is increasingly regarded as a mater of national security.""Canada and our allies have experienced a general increase in cyberthreat activity throughout the last year, including ransomware attacks, supply chain attacks, and the exploitation of discovered vulnerabilities in commonly used software.""Russian-linked groups have been among the drivers of this activity.""Should Russia-backed cyber threat activity launch against Canada, we can expect to see anything from a widespread ransomware attack to a single, carefully focused but impactful attack on our infrastructure.""It may take some time to work out what is going on (or what happened) as Russia has a long history of distracting opponents from its real intentions."David Masson, director, Darktrace cyber-A1 defence company"Russian state-sponsored advanced persistent threat actors have used sophisticated cyber capabilities to target a variety of U.S. and International critical infrastructure organizations, including those in the Defense Industrial Base as well as the Healthcare and Public Health, Energy, Telecommunications, and Government Facilities Sectors."U.S. Bulletin
Photo by Sean Kilpatrick/The Canadian Press/File |
Russia
uses all manner of cold-war, 21st Century battlefields delivering
messages to those countries that provoke Moscow's ire of their
displeasure, through their ability to negotiate around cyberspace and
threaten the infrastructure and social order of countries opposed to
Russia's moves on the international scene. In 2007 Estonia, a former
Soviet Union satellite, assaulted Moscow's sensibilities by removing a
memorial to the Soviet Red Army to a loss prominent position, and paid
for its audacity through a devastating series of major cyberattacks that
shut down banks, media outlets and government offices.
Russian speakers rose up on the streets in protest at the statue's move - and cyber attackers followed behind Getty Images |
In
more recent years, after the 2014 start of an ethnic-Russian Ukrainian
separatist group in the Donbas and Russia's military incursion, arming
and fighting alongside the separatists against Ukraine, culminating in
Russia's claiming of the Crimea Peninsula as Russian territory, the
standoff between Ukraine and the separatists in Donetsk and Luhansk in
eastern Ukraine while leading to active hostilities and violence also
saw Ukraine suffering cyberattacks threatening its electrical system
power grid in 2015.
And in mid-January Kyiv experienced cyberattacks on government offices, with an eerily sinister message: : "Be afraid and expect the worst."
This, in the buildup to a feared Russian invasion of Ukraine,
reclaiming what Vladimir Putin insists is a historical connection
between the two countries as one. And the 'one' who controls Ukraine
would be Russia. Embodying Mr. Putin's other cherished aspiration, to
appeal to the better sense of its neighbours to return to the good old
days of the USSR, within Russia's loving embrace.
A threatening message appeared on Ukrainian government websites on 14 January, 2022 |
Detailed
warnings arrived in Canada from the United States and United Kingdom
cybersecurity sections of the imminence of Russian actors imposing
hostile, threatening and damaging cyberattacks within Canada. Both the
U.S. and the U.K. warned that their own cybersecurity communities are in
a "heightened state of awareness, proactively searching out risks to their networks in response to threats from Russia", looming increasingly in the very near future.
Two
years earlier Canada's CSE warned that state-sponsored threat actors
like Russia were "very likely" trying to develop tools to allow them to
disrupt critical infrastructure "such as the supply of electricity", concluding that the attackers were not likely to want to disrupt critical infrastructure in Canada to cause "major damage or loss of life". But for the major caveat "in the absence of international hostilities".
Well, those international hostilities have eventuated with Russia's
massing of a 100,000 troops on the Ukraine border and deliberate
additional provocations enlisting Belarus and Kazakhstan bordering
Ukraine, in its assault plans.
"Critical services for Canadians through Global Affairs Canada (Department of Foreign Affairs) are currently functioning. Some access to internet and internet-based services are not currently available as part of the mitigation measures and work is underway to restore them.""At this time, there is no indication that any other government departments have been impacted by this incident.""The Government of Canada deals with ongoing and persistent cyber risks and threats every day. Cyber threats can result from system or application vulnerabilities, or from deliberate, persistent, targeted attacks by outside actors to gain access to information."Treasury Board of Canada Secretariat
(RedPixel/stock.adobe.com) |
So
there it is. No sooner said than done. Cyberattacks against Canadian
government departments are not new, they have been occurring with some
regularity of recent times. And the suspects are usually China or
Russia. This latest attack that occurred on the very day that Canada's
cyberdefence agency warned of Russian-backed threats, was a significant
attack, a cyber incident causing disruption to a group of departmental
systems. The Canadian Centre for Cyber Security, which had warned of
such an attack's likelihood is now investigating what it had predicted.
Civilian participants in a Kyiv Territorial Defence unit train in a forest on January 22, 2022, in Kyiv, Ukraine. (Sean Gallup/Getty Images) |
Labels: Aggression, Canada, Cyberattacks, NATO, Russia, Threats, Ukraine, United Kingdom, United States
<< Home