Websites for PMO's office, NCC among those crashed by hackers - Action News
Home WebMail Friday, November 22, 2024, 11:50 AM | Calgary | -10.8°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Ottawa

Websites for PMO's office, NCC among those crashed by hackers

Websites belonging to thePrime Minister's Office, the National Capital Commission and the hospital in Cornwall, Ont.,were incapacitated by cyberattacksthis week, and some experts say it's likely the work of pro-Russianhackers trying to undermine support for Ukraine.

Goal of pro-Russian hackers is to 'cause disruption,' says expert

A pair of hands typing on a green and black keyboard.
Experts say that it's likely some of the Canadian institutions being targeted by cyberattacks are being victimized by pro-Russian hackers. (RedPixel/stock.adobe.com)

Websites belonging to thePrime Minister's Office, the National Capital Commission and the hospital in Cornwall, Ont.,were incapacitated by cyberattacksthis week, and some experts say it's likely the work of pro-Russianhackers trying to undermine support for Ukraine.

Hackers target high-profile institutions with the intent of "causing disruption," said Jason Jaskolka, cybersecurity specialist and associate professor at Carleton University.

Anything that provides "value to us as a society," like a hospital,are"ripe" targets, he said.

"In some cases, it's really just a flex of muscle," Jaskolka said, adding that theymay be tryingto deter countries from taking punitive steps like the sanctions imposed against Russia.

"They want to try and cause so much minor disruption that people become resistant to the government's continuing to provide support to Ukraine," said Brett Callow, a cybersecurity threat analyst at Emsisoft.

Callow said it's likelyno coincidence that this week's attacks coincided with Ukrainian Prime Minister Denys Shmyhal visiting Canada to meet with Prime Minister Justin Trudeau.

Trudeau also announced that Canadaplans to ship thousands of assault rifles to Ukraine on Tuesday.

A large hospital building on a sunny day with two people walking in front of it.
People walk outside the Cornwall Community Hospital last August. The hospital recently experienced a "cyber incident," according to a post on its website. (Trevor Pritchard/CBC)

Pro-Russian groups take some credit

The website for the Prime Minister's Officewas unavailable for parts of Tuesday and Friday, with apro-Russian hacking group takingcredit for the first outage.

In an emailFriday, thePrivy Council Office said the site was"experiencing intermittent disruptions" and that it is working withShared Services Canada and the Communications Security Establishment's Canadian Centre for Cyber Security "to investigate and resolve the issue as soon as possible."

Pro-Russian hackers have also claimed responsibility for a cyberattack against Hydro-Qubec, saying they were continuing their "visits to Canada." The power utility said no personal data was compromised.

The NCC saidits website was taken down by an external attack on Monday and that neither its systems nor anypersonal data have been compromised.

The Cornwall Community Hospital was also victim to a "cyber incident" on Tuesday that may cause "some delays to scheduled or non-urgent care," it said in a statement posted on its website.

That statement also saidpatients' electronic health records were not affected.

Jason Jaskolka smiles at the camera in a professional headshot.
Assistant professor Jason Jaskolka says hackers target any institutions that provide societal value. (Submitted by Jason Jaskolka)

Annoying but not dangerous: expert

While it's important for people to be alert forcyberattacks, usually these kinds of incidents pose little real risk, Callow said.

The majority of website shutdowns have been the result of distributed denial-of-service (DDoS) attacks by Russia-sympathetic hackers essentially the internet version of a traffic jam, Callow said.

DDoS attacks aremalicious attempts to flood a web server with more traffic than it can handle, which makes the connected websites or services unable to function.

A high school kid could do it.- Brett Callow

It's a"very low level nuisance operation," Callow said, and not necessarilyindicative of sophisticated hacker activity.

"A high school kid could do it," he said.

The most useful tool in the battle against cyberattacks is awareness, Jaskolka said. While some institutions may not want to disclose they've been victimized over fear of losing credibility, that information is valuable, he said.

"Sharing that knowledge of how it happened, why it happened, when it happened, is essential information for actually coming up with good defences for these kinds of attacks," he said.

It's also important for employees to be aware of daily cybersecurityrisks, saidJaskolka, including when it might not be safe to respondto an email or click on a link.