Intelligence agency says cyber threat actor 'had the potential' to damage critical infrastructure
Leaked U.S. intelligence suggested hackers had accessed natural gas distribution network
One of Canada's intelligence agencies says a cyber threat actor "had the potential to cause physical damage" to a piece of critical infrastructure recently, a stark warning from the Communications Security Establishment amid a string of hits linked to pro-Russian hackers.
"I can report there was no physical damage to any Canadian energy infrastructure. But make no mistake — the threat is real," said Sami Khoury, head of the CSE's Canadian Centre for Cyber Security during briefing with reporters Thursday.
Earlier this week, leaked U.S. intelligence documents suggested Russian-backed hackers successfully gained access to Canada's natural gas distribution network.
Khoury said he couldn't comment on the leak and couldn't share much more information about recent cyber threat hit.
"There's a lot that happens behind the scenes, there's a lot of stuff we don't talk about publicly but we share with operators directly, because we know we can help them in defending their infrastructure," he told reporters during a briefing Thursday.
Defence Minsiter Anita Anand said Canada has seen a "notable rise in cyber threat activity by Russian-aligned" and issued a cyber flash on April 12 to let critical Canadian sectors know about an ongoing campaign.
"In this recent confidential flash, we noted that we had a confirmed report where a cyber threat actor had the potential to cause physical damage to Canadian critical infrastructure," Khoury said.
CSE has defined critical infrastructure as networks and systems that Canadians rely on for essential services, such as energy, water and utility systems, transportation systems, food supply chains and financial networks.
The briefing from the cyber and foreign signals intelligence agency comes at a time of heightened anxiety about cyberattacks linked to the ongoing war in Ukraine.
Earlier Thursday, a pro-Russian hacking group claimed responsibility for a cyberattack on Hydro Quebec, the province's state-owned electricity provider.
The same group took credit for knocking the Prime Minister Office website offline earlier this week in a distributed denial-of-service attack as Canada played host to Ukrainian Prime Minister Denys Shmyhal.
Denial-of-service attacks flood the target website with traffic, triggering a crash. Earlier this week CSE said these types of attacks have very little impact on the affected systems.
Russian-aligned actors targeting Ukraine's allies
Khoury said that state-sponsored cyber threat actors like to target critical infrastructure "to collect information through espionage, pre-position in case of future hostilities, and as a form of power projection and intimidation."
But Khoury and Anand urged anyone working in a critical sector to be prepared.
"If you run the critical systems that power our communities, offer internet access to Canadians, provide health care, or generally operate any of the services Canadians can't do without, you must protect your systems," said Anand.
"Monitor your networks. Apply mitigations."