Canadian National Research Council hit by ‘cyber incident’

A construction worker scales the site of new facilities as part of the National Research Council Canada in Montreal on Nov. 30, 2020.Andrey Ivanov/The Globe and Mail

The National Research Council, Canada’s premier scientific and technical institution, says it has been hit by a “cyber incident” — an outage that hit two months after the country’s State Department suffered a computer network outage widely regarded as a cyber attack. .

The term “cyber incident” is regularly used by Canadian government cybersecurity officials to describe unauthorized attempts “to access, modify, destroy, delete or make unavailable a computer network or system resource.”

The National Research Center (NRC) is the second Canadian government agency to publicly report a cyber attack this year, as tensions mount between Canada and Russia and the Canadian cybersecurity agency warns of the risk of attacks by Moscow-affiliated hackers.

Christine Aquino, communications director general at the National Research Council, said in a statement Monday that the attack was first discovered on March 18 and that “mitigating measures were taken immediately.”

Ms Aquino declined to provide further details or say whether this cyber attack came from Russia or from individuals and organizations associated with the Russian government.

“The investigation into this incident is ongoing, so we have no further information to share at this time,” Ms Aquino said, adding that the agency was working with the Canadian Center for Cyber ​​Security of the Communication Security Establishment.

“As a scientific organization, the NRC remains constantly vigilant for the risk of cyber attacks,” she said. “There are procedures and controls in place at the NRC to limit these risks; these procedures and controls enabled the organization to respond quickly to the March 18 incident.”

In January, Canada’s Communications Security Establishment (CSE), through its Center for Cyber ​​Security, warned of possible Moscow-backed cyberattacks on Canadian critical infrastructure, as Western countries prepared economic sanctions against Russia for building up troops near Ukraine. That risk only increased when the West hit Moscow with crippling sanctions following the invasion of Ukraine in late February.

In January, Canada’s Department of Global Affairs was hit by a cyberattack, which blocked the ministry’s access to the internet for more than four weeks.

The NRC has previously been the target of foreign hackers. In 2014, the Canadian government publicly accused China of a cyber attack on the research firm, reported computers at the National Research Council had been compromised and pointed the finger at “a highly sophisticated Chinese state-sponsored actor”.

In February, a federal intelligence watchdog warned of significant gaps in the Canadian government’s cyber defenses.

The National Security and Intelligence Committee of Parliamentarians said in a new report it has identified “significant discrepancies” in how cyber defense policies are applied.

“A large number of organizations, especially Crown companies… do not adhere to Treasury Board policies and do not use the cyber defense framework,” the NSICOP said. “The threat posed by these gaps is clear. The data of organizations not protected by the government’s cyber defense framework is at significant risk.”

The group said unprotected organizations “may act as a weak link in the defense of the government”.

Canada is far from the only target. In February, it emerged that the UK Foreign Office had been the target of a serious cybersecurity incident earlier in 2022, according to tender documents posted on the UK government’s website.

According to the documents, the Foreign and Commonwealth Office was forced to engage BAE Systems Applied Intelligence to handle the incident.

In January, Canada’s Cyber ​​Center, part of the Communications Security Establishment, joined its counterparts in the United States and Britain to urge Canadian companies, such as electric utilities and energy companies, to watch out for cyberattacks from Russia.

The agency said in a statement it is aware of foreign cyber threat activities, including by Russian-backed actors, targeting operators of Canadian critical infrastructure networks and their operational and information technology.

Our Morning Update and Evening Update newsletters are written by Globe editors and give you a succinct summary of the day’s main headlines. Sign up today

Leave a Comment