Canada’s foreign and consular affairs department, Global Affairs Canada, was hit by a cyberattack last week.
While critical services remain accessible, access to some online services is currently unavailable as government systems continue to recover from the attack.
Global Affairs Canada systems face network disruption
Global Affairs Canada (GAC) systems faced a network outage after suffering a cyberattack last week.
GAC is the Canadian government department responsible for the country’s diplomatic and consular relations, international trade, and directing international development and humanitarian assistance programs.
In a statement today, the Treasury Board of Canada Secretariat (TBS), Shared Services Canada and the Communications Security Establishment together confirmed that a cyber incident involving Global Affairs Canada took place last week.
The attack was detected on January 19, after which mitigation measures were taken.
The Canadian government further states that while essential services continue to be available through Global Affairs online systems, “some access to the Internet and Internet-based services” is unavailable due to security measures. Mitigation have been put in place and systems are being restored.
There is no indication that other ministries were affected by the attack, the government said.
“There are systems and tools in place to monitor, detect and investigate potential threats, and to take active steps to address and neutralize them when they occur,” TBS says.
Attack comes amid tensions between Ukraine and Russia
Official sources have yet to reveal what was the cause of the attack or who the threat actors behind it are, as the investigation continues.
The cyberattack on the Canadian government comes at a time when Russian-Ukrainian tensions continue to escalate.
Equally interesting is the fact that the attack happened around the time the Canadian Center for Cyber Security published a Warning “critical infrastructure operators” to be aware of known Russian-backed cyber threats and to take mitigating measures against them.
“This investigation is ongoing. We are unable to comment further on specific details for operational reasons,” TBS said.
“Our cyber defense and incident response teams work 24/7 to identify compromises and alert potential victims within the GC and Canada’s critical infrastructure. The Incident Response Team offers guidance and support to contain the threat and mitigate any potential damage.
Earlier this month, several Ukrainian government websites were downgraded, including that of the country’s foreign ministry.
Some suspected threat actors are Russian, although acts of website defacing are not the typical attack method used by a Russian state-sponsored hacking group like GRU.
While the threat actors behind the incident have yet to be revealed, this is not the first time attackers have successfully targeted Canadian government systems.
In November 2021, the Canadian province of Newfoundland and Labrador was hit by a cyberattack causing severe disruption to healthcare providers and hospitals.
In early 2021, Canada Post suffered a data breach due to a ransomware attack against one of its third-party vendors
Previously, hackers could access 9,041 GCKey accounts through the technique of “credential stuffing” to steal tax relief payments from Canadians.
“We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking and cyber espionage,” TBS concluded, while encouraging everyone to follow cybersecurity best practices.