Investigation launched after National Research Council is hit by 'cyber incident'

An investigation is underway after the National Research Council reported beinghit Friday by what it's callinga "cyber incident."

"Due to a cyber incident, some applications on our website were taken offline and may be unavailable. We are working to bring applications back online as soon as possible," says a banner on the agency's website.

It's not clear yet what caused theincident.

A spokesperson for the NRC which works on science and technology research and development said it was detected Friday and steps were taken to mitigate the attack.

"As a scientific organization, the NRC remains constantly vigilant to the risk of cyber-attacks," said Matt Ellis in an email.

Ellis said the investigation is ongoing and the NRC is working with other departments, including the Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security.

Innovation MinisterFranois-Philippe Champagne, whose portfolio includes the NRC, said it's too early to knowwhether this wasa state-sponsored attack.

"We've been made aware of a security breach at the NRC," he said Monday.

"Obviously we take national security as a primary concern so we took immediate action to prevent any damage."

In a statement issued to CBC News, CSEsaid the Government of Canada is subject to ongoing and persistent cyber threats.

"Cyber threats can result from system or application vulnerabilities, or from deliberate, persistent and targeted attacks by outside actors to gain access to information," said CSE spokesperson Evan Koronewski.

"At this point, we are unable to comment further on any specific details regarding this incident."

China targeted NRC back in 2014

A Chinese state-sponsored actor targeted the NRC back in 2014, according to the federal government.

The government reported that malware was used to infiltrate the NRC's network and steal 40,000 files, including documentsinvolving intellectual property, advanced research and proprietary business information from the agency's partners.

"China also leveraged its access to the NRC network to infiltrate a number of government organizations," said a recent report by the National Security and Intelligence Committee of Parliamentarians (NSICOP).

"The National Research Council possesses information related to Canadian advancements in technology and intellectual property that can be vital to the technical success of Canadian and international companies."

NSICOP's report,released just last month,pointed to gaps in Ottawa's cyber defences that could leave government agencies vulnerableto hacks, includingstate-sponsored attacks.

The committeewarned thatpolicies intended to secure government systems are not uniformly applied across the federal government.

Recently,CSEhas been warning power companies,banks and other critical elements of Canada's infrastructure and economyto shore up their defences against Russia-based cyber threat activity as the Western world responds to Moscow's invasion of Ukraine.