Canada’s National Research Council hit by ‘cyber incident’

A construction worker scales the site of new facilities as a part of the National Research Council Canada in Montreal on Nov. 30, 2020.Andrej Ivanov/The Globe and Mail

The National Research Council, Canada’s premier science and engineering institution, says it’s been hit by a “cyber incident” – a disruption that comes two months after the country’s foreign ministry suffered a computer network malfunction widely regarded as a cyber attack.

The term “cyber incident” is regularly used by Canadian government cybersecurity officials to describe unauthorized attempts “to gain access to, modify, destroy, delete, or render unavailable any computer network or system resource.”

The National Research Center (NRC) is the second Canadian government entity to publicly report a cyber attack this year as tensions mount between Canada and Russia and Canada’s cybersecurity agency warns of the risk of attacks from Moscow-affiliated hackers.

Christine Aquino, director general of communications at the National Research Council said in a statement Monday said the attack was first detected March 18 and “mitigation actions were immediately taken.”

Ms. Aquino declined to provide more detail or to say whether this cyber attack came from Russia or individuals and organizations associated with the Russian government.

“The investigation into this incident is ongoing, so we do not have any further information to share at this time,” Ms. Aquino said, adding the agency was working with the Communication Security Establishment’s Canadian Center for Cyber ​​Security.

“As a scientific organization, the NRC remains constantly vigilant to the risk of cyber-attacks,” she said. “Procedures and controls are in place at the NRC to mitigate these risks; these procedures and controls made it possible for the organization to respond quickly to the March 18 incident.”

Back in January Canada’s Communications Security Establishment (CSE), through its Center for Cyber ​​Security warned of possible Moscow-backed cyberattacks on Canadian critical infrastructure, as Western countries prepared economic sanctions against Russia for its buildup of troops near Ukraine. That risk has only risen as the West hit Moscow with crippling sanctions following its invasion of Ukraine in late February.

Back in January Canada’s Department of Global Affairs was hit by a cyber attack that left the ministry’s access to the Internet hobbled for more than four weeks.

The NRC has previously been targeted by foreign hackers. In 2014 the Canadian government publicly blamed China for a cyberattack on the research agency, reporting that computers at the National Research Council were breached and pointing the finger at “a highly sophisticated Chinese state-sponsored actor.”

In February, a federal intelligence watchdog group warned of significant gaps in the Canadian government’s cyberdefences.

The National Security and Intelligence Committee of Parliamentarians said in a new report that it has identified “significant discrepancies” in how cyberdefence policies are applied.

“A large number of organizations, notably Crown corporations … neither adhere to Treasury Board policies nor use the cyber defense framework,” the NSICOP said. “The threat posed by these gaps is clear. The data of organizations not protected by the government cyber defense framework is at significant risk.”

The group said unprotected organizations “potentially act as a weak link in the government’s defences.”

Canada is far from the only target. In February, it emerged that Britain’s foreign ministry was the target of a serious cybersecurity incident earlier in 2022, according to tender documents posted on the UK government’s website.

The Foreign and Commonwealth Office was forced to call in BAE Systems Applied Intelligence to deal with the incident, according to the documents.

In January, Canada’s Cyber ​​Centre, part of the Communications Security Establishment, joined its counterparts in the United States and Britain in urging Canadian companies, such as electrical utilities and energy firms, to watch out for cyberattacks from Russia.

The agency said in a statement that it is aware of foreign cyberthreat activities, including by Russian-backed actors, to target operators of Canadian critical infrastructure networks and their operational and information technology.

Our Morning Update and Evening Update newsletters are written by Globe editors, giving you a concise summary of the day’s most important headlines. Sign up today.


Leave a Reply