The Canadian government said it is investigating a cyberattack on Global Affairs Canada (GAC) — its department for foreign and consular relations — that occurred on January 19.
The Treasury Board of Canada Secretariat (TBS), Shared Services Canada and Communications Security Establishment said in a statement released Monday evening that they are working with GAC to address the incident.
“Critical services for Canadians through Global Affairs Canada are currently functioning. Some access to Internet and internet-based services are not available as part of the mitigation measures and work is underway to restore them. There is no indication that any other departments have been impacted by this incident,” the federal agencies said.
“There are systems and tools in place to monitor, detect, and investigate potential threats, and to take active measures to address and neutralize them when they occur.”
Canadian news outlet CBC News said it obtained emails from Canadian missions abroad showing that some embassies were “experiencing electronic communications issues” and that email accounts were not working for hours.
The government statement said an investigation into the incident is ongoing and that they are not able to attribute the attack to any group or country.
“Our cyber defense and incident response teams work 24/7 to identify compromises and alert potential victims within the GC and Canadian critical infrastructure,” the agencies said.
“We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage. We encourage everyone to use cybersecurity best practices.”
CrowdStrike co-founder Dmitri Alperovitch appeared on Canadian TV on Tuesday and said Canadian sources told him it was not an “attack” because it was not destructive in nature.
“It could just be an intrusion that was designed for intelligence collection purposes to try and steal some information from Canadian networks. Certainly serious but not as serious as something that takes networks down, destroys data, destroys computers,” Alperovitch said.
The incident took place on the same day the Canadian Centre for Cyber Security sent out a bulletin to critical infrastructure operators warning them of the threats posed by Russian hackers. The warning mirrored one sent by US agencies but experts were quick to downplay any connection between the two.
Emsisoft threat analyst Brett Callow told ZDNet that while the fact the incident and announcement occurred on the same day hints at a link, it would be a mistake to assume that’s actually the case.
“It could also be unnecessarily inflammatory too. Coincidences can and do happen. At this point, it’s not clear whether the ‘cyber incident’ was indeed a ‘cyber attack’ or, if it was, who was responsible or what their objectives may have been,” Callow said.
Disclaimer : OneNewsTech.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us – firstname.lastname@example.org. The content will be deleted within 24 hours.