A computer network disruption continues to hobble Canada’s foreign ministry nearly four weeks after it was first detected, as security experts say the incident was the likely result of a cyberattack.
The Department of Global Affairs says problems persist both home and abroad.
“The unplanned IT service outage continues to affect Global Affairs Canada’s headquarters, regional offices and missions abroad,” department spokesperson Patricia Skinner said in a statement.
While e-mail and phone services are unaffected, “some Internet-based services are not currently available,” Ms. Skinner said.
She said this does not affect consular support for Canadians abroad and that Global Affairs staff have been given instructions on workarounds that allow them to access the internet.
What Ottawa’s Treasury Board of Canada Secretariat called a “cyber incident involving Global Affairs” was first detected on Jan. 19, “after which mitigation measures were taken,” the government said at the time.
Ms. Skinner said Global Affairs is working with the Communications Security Establishment’s Centre for Cyber Security to restore service as soon as possible. “Global Affairs Canada has very robust security monitoring in place, and takes cyber security and this incident very seriously.”
The government has so far declined to cast blame for the incident.
The January incident came after Canada’s cyberspy agency warned of possible Moscow-backed cyberattacks on Canadian critical infrastructure, as Western countries prepare economic sanctions in the growing expectation that Russia will invade Ukraine.
Stephanie Carvin, a former national security analyst and an associate professor of international relations at the Norman Paterson School of International Affairs, said “there is no reason to doubt this was a cyber hack.”
Prof. Carvin recalled the 2014 cyberattack on Canada’s National Research Council – an act Ottawa blamed on China – and said she’s surprised the government has not grown more resilient since. “Have we not learned to recover from these things faster?”
On Monday, a federal intelligence watchdog group warned of significant gaps in the Canadian government’s cyberdefences.
The National Security and Intelligence Committee of Parliamentarians said in a new report that it has identified “significant discrepancies” in how cyberdefence policies are applied.
“A large number of organizations, notably Crown corporations … neither adhere to Treasury Board policies nor use the cyber defence framework,” the NSICOP said. “The threat posed by these gaps is clear. The data of organizations not protected by the government cyber defence framework is at significant risk.” The group said unprotected organizations “potentially act as a weak link in the government’s defences.”
Canada is far from the only target. Last week, it emerged that Britain’s foreign ministry was the target of a serious cybersecurity incident earlier in 2022, according to tender documents posted on the U.K. government’s website. The Foreign and Commonwealth Office was forced to call in BAE Systems Applied Intelligence to deal with the incident, according to the documents.
The online networks of Ukraine’s defence ministry and two banks were overwhelmed on Tuesday, and Ukraine’s information security centre pointed the finger at neighbouring Russia.
“It is not ruled out that the aggressor used tactics of little dirty tricks because its aggressive plans are not working out on a large scale,” the Ukrainian Centre for Strategic Communications and Information Security, which is part of the culture ministry, said in a statement.
The United States and its allies have indicated that they are prepared to respond to Russian digital incursions, even if details remain sparse.
White House press secretary Jen Psaki on Tuesday said there were “a range of means that we could respond – both seen and unseen – to a cyberattack or any other attack.”
Know what is happening in the halls of power with the day’s top political headlines and commentary as selected by Globe editors (subscribers only). Sign up today.