Pro-Russian hackers ramp up attacks on Canadian infrastructure

Canada’s support for Ukraine has triggered an increase in cyberattacks against critical infrastructure, according to a statement from the Communications Security Establishment (CSE).

On April 13, the CSE warned of increasing cyber threats from Russian-aligned hackers targeting Ukraine’s supporters. Many of these attacks target critical infrastructure networks – systems such as energy, utilities, health care, transportation, food supply chains, communications and financial services.

“These activities are a direct response to our steadfast support to the people and Government of Ukraine – and they will not deter Canada’s support for Ukraine,” the statement read.

Russia’s supporters claim responsibility for hacks

Earlier this month, pro-Russian hackers claimed responsibility for a distributed denial of service (DDOS) attack against Hydro-Québec that took the utility’s website offline.

Documents leaked from the Pentagon indicated Russian hackers also succeeded in accessing Canada’s natural gas distribution network – although which utilities were affected remains unclear.

During Ukrainian Prime Minister Denys Shmyhal’s visit to Toronto, pro-Russian hackers took credit for DDOS attacks that affected the websites of the Prime Minister of Canada and the Senate of Canada.

DDOS attacks also shuttered the websites of the Port of Halifax and the Port of Montreal earlier this month – although no one stepped forward to claim credit for those attacks.

“Monitor your networks”

In its statement, the CSE urged operators of critical infrastructure to remain vigilant amid mounting cyber threats from Russian sympathizers.

“If you run the critical systems that power our communities, offer internet access to Canadians, provide health care, or generally operate any of the services Canadians can’t do without, you must protect your systems,” the statement read. “Monitor your networks. Apply mitigations.”

Recommendations from the CSE include:

  • Isolating critical infrastructure services from the internet when systems are under attack
  • Testing your manual controls to ensure functionality when your network is down
  • Testing your operational technology networks, including your industrial control systems, to ensure your critical functions are still operational during a network outage
  • Using secure workstations to perform sensitive tasks
  • Using network security zones to control and restrict access to data
  • Protecting your systems from DDOS attacks

Preparing for an attack

The Canadian and U.S. governments have been warning about the growing threat of cyberattacks on critical infrastructure since Russia invaded Ukraine last year.

If you’re looking to shore up your cyber defences, the Canadian Cyber Centre has published several resources, including articles on security considerations for industrial control systemsthe top 10 ways to protect internet-connected networks and security vulnerabilities and patches.

The lawyers in the MLT Aikins Privacy, Data Protection & Cybersecurity team have helped critical infrastructure operators and other clients develop effective strategies to prevent and respond to cyberattacks. Download our cybersecurity checklist to assess your current cybersecurity strategy.

Note: This article is of a general nature only and is not exhaustive of all possible legal rights or remedies. In addition, laws may change over time and should be interpreted only in the context of particular circumstances such that these materials are not intended to be relied upon or taken as legal advice or opinion. Readers should consult a legal professional for specific advice in any particular situation.