The federal government is warning Canadian businesses and organizations about the increased threat of cyberattacks and malicious software amid Russia’s invasion of Ukraine.
Communications Security Establishment, a government agency responsible for signals intelligence and cybersecurity in Canada, said it is monitoring threats directed at infrastructure networks and has been issuing bulletins or public advisories. The agency is also relaying confidential information through protected channels about new forms of malware and other tactics, techniques and procedures being used to target victims.
“Russia has significant cybercapabilities and a demonstrated history of using them irresponsibly,” CSE spokesperson Ryan Foreman said Monday. “In light of Russia’s ongoing, unjustified military offensive in Ukraine, CSE and its Canadian Centre for Cyber Security strongly encourage all Canadian organizations to take immediate action and bolster their online cyberdefences.”
CSE would not confirm whether there are any Canadian organizations or businesses that have been affected so far by the war in Ukraine, but said “there has been an historical pattern of cyberattacks on Ukraine having international consequences.”
“While we can’t speak about specific operations, we can confirm that CSE has been tracking cyberthreat activity associated with the current crisis. CSE has been sharing valuable cyberthreat intelligence with key partners in Ukraine. We also continue to work with the Canadian Armed Forces in support of Ukraine, including intelligence sharing, cybersecurity and cyberoperations,” the agency said.
Independent cybersecurity experts said organizations that are already strained – such as hospitals, police communications and the country’s utility companies – are most vulnerable to Russian retaliation in the form of cyberattacks, malware or ransomware. Phishing and social engineering tools are the preferred methods that attackers use to gain unauthorized access over systems, experts said.
“The fact is that really everyone should have already been bracing for this, because almost everything we do is digitized and thus has potential to be digitally breached,” said Lisa Kearney, chief executive officer of the Women CyberSecurity Society Inc.
“But the problem is that we may never know the true extent of a cyberbreach because no one really wants to admit that kind of thing when it happens to them. And even when we do learn about it or how we can learn from it, it’s months and months after the threat actually occurred.”
Last week, the Canadian Centre for Cyber Security sent out a public alert stating it is aware of a new malware called “HermeticWiper” that is targeting Ukrainian organizations. The centre said the malicious software wipes all the data of a company or agency and makes it completely unrecoverable.
“The HermeticWiper is a good example of how we learn about specific malware,” Ms. Kearney said. “Here we have a malicious type of software that can actually stop your business from operating to prevent revenue. But when did we learn about this and what are the key ways to prevent this? We don’t really have all the answers yet.”
Charles Finlay, executive director of Rogers Cybersecure Catalyst at Ryerson University in Toronto, said there is no need to panic yet, however.
“Canada has invested lots of funding into cybersecurity over the years. We know what the challenges are. We understand the kinds of attacks that the government of Russia has launched in the past and we understand what we need to do about those kinds of attacks,” he said.
“But we have to be very careful here because more often than not these attacks may be launched against that one target, but it can then spread well beyond the intended target.”
Market shares for cybersecurity software companies shot up on Monday, as analysts expected higher spending on security-related services.
Your time is valuable. Have the Top Business Headlines newsletter conveniently delivered to your inbox in the morning or evening. Sign up today.