Skip to main content
The Globe and Mail
Support Quality Journalism
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); }

Graduation officer at the Royal Military College of Canada walks on the parade square at the college in Kingston, Ont. on May 17, 2019. A cyberattack against the College has affected several military training centres.

Lars Hagberg/The Canadian Press

Federal officials say a cyberattack against the Royal Military College of Canada has also affected several military training centres across Canada.

In statements issued Tuesday, the Department of National Defence (DND) confirmed that the data breach – first reported by The Globe and Mail – began last Friday and has affected an entire computer network at the Canadian Defence Academy (CDA), which includes RMC and three institutions in Ontario and Quebec.

However, the DND also says the breach will not jeopardize any state secrets.

Story continues below advertisement

“A full assessment on the impact on Canadian Defence Academy and RMC operations is currently ongoing, which will include a network restoral timeline,” the department says. It added that “all early indications suggest this incident resulted from a mass phishing campaign” and that “this incident has not affected any classified systems or classified research.”

The CDA is an umbrella organization for studies in warfare that is based in Kingston, and it includes the Royal Military College, the Royal Military College Saint-Jean, the Canadian Forces College and the Chief Warrant Officer Robert Osside Profession of Arms Institute.

The RMC’s websites have been taken offline, and the department says Canadian Forces specialists are trying to resolve cybersecurity issues. According to the statement, the affected academic network is separate from the DND’s computer systems and no Canadian Armed Forces “active operations” are affected.

The military college is referring questions about the attack to the DND, and the department is not commenting on what kind of attack it is.

But the college’s dean of engineering, Greg Phillips, says on his personal website that the incident was a “ransomware” attack. “The RMC network has been attacked by ransomware. This is a software that exploits security holes to install itself, then encrypts the contents of disks and demands a ransom to decrypt and restore access to the data,” reads a blog item posted on his site Monday.

The dean’s message said computer networks at the school have been shut down as “partially a direct result of the attack and partially a tactic to limit the attack’s effect.”

The message told faculty and students to be patient and to hope for good outcomes. ”In the best of cases: your data is not affected and you can resume work as if nothing had happened. Worst case: your data is encrypted and not recoverable; you will have to trust your backups, whatever they are. Intermediate case: if we are particularly lucky, it may be possible to recover encrypted data, but it will take time.”

Story continues below advertisement

The DND did not respond to The Globe’s questions about whether the breach was related to ransomware, and Prof. Phillips could not be reached for comment on Tuesday. No RMC staff e-mails appear to be working. Prof. Phillips did not reply to messages left on his office phone or via the LinkedIn social-media service.

His post says that members of the RMC Computer Security Lab are providing consulting support to government officials investigating the incident. The lab is a branch of the college’s engineering department that teaches future military leaders about malware, intrusion detection and computer exploitation.

David Skillicorn, a computer-science professor at Queen’s University, said it would be intriguing to know just how the military schools were infiltrated by a potential ransomware attack – and how they hope to deal with it.

“I’m sure they wouldn’t pay it,” he said. “But I wonder if they were asked.”

Ransomware attacks are increasingly common and affect schools, governments, First Nations and private-sector organizations. Some organizations in Canada have admitted they have paid money to hackers to restore corporate data that were scrambled in cyberattacks.

Experts say it is unlikely that any federally run security entities – such as the RMC or the other schools – would pay a ransom.

Story continues below advertisement

“The government has a general policy of not paying ransom demands as a philosophical statement of belief and procedure because you don’t want to encourage the attackers,” said Bob Gordon, a former intelligence official who heads the Canadian Cyber Threat Exchange.

Military schools are extensions of the Defence Department, so they will likely have help from the best computing brains in Ottawa, Mr. Gordon said. “Essentially, this would be the whole of government doing the decryption.”

The computer breach came to the attention of most military-college staff on Saturday, when the college’s principal told his faculty not to use any RMC computers, not to access any information on those systems and not to plug any devices into these machines until the DND and the Canadian Armed Forces determine what has happened.

Our Morning Update and Evening Update newsletters are written by Globe editors, giving you a concise summary of the day’s most important headlines. Sign up today.

Report an error Editorial code of conduct
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies