DDoS attacks block PM Trudeau’s web site

A pro-Russian threat group is believed to be behind a distributed denial of service (DDoS) attack that has blocked access to Prime Minister Justin Trudeau’s official web site. The attack appears to have been timed to coincide with the government’s meeting today with Ukrainian Prime Minister Denys Shmyhal.

As of 1:30 p.m. Eastern, the Canadian Prime Minister’s web site https://pm.gc.ca/en was still unavailable.

UPDATE: The site was back up around 2 p.m. Eastern

At a press conference today, Trudeau addressed the incident. “As you know, it’s not uncommon for Russian hackers to target countries as they are showing steadfast support for Ukraine, as they are welcoming Ukrainian delegations or leadership to visit, so the timing isn’t surprising. But in case anyone was wondering, Russia being able to bring down an official government of Canada web page for a few hours is in no way going to dissuade us from our unshakable support of Ukraine.”

Trudeau also addressed news reports that leaked documents apparently from the U.S. Pentagon include mention of a pro-Russian hacktivist group telling Russian intelligence that the group had accessed a Canadian gas pipeline.

“I can confirm in regards to reports of cyber attacks against Canadian energy infrastructure that there was no physical damage to any energy infrastructure following cyber attacks,” Trudeau said.

It wasn’t clear from the statement whether Trudeau was confirming that a pro-Russian group recently had compromised the operational technology side of a pipeline company, or whether he was saying there has never been physical damage to a pipeline from a cyber attack.

The legitimacy of the stolen documents hasn’t been confirmed. The U.S. Justice Department is taking them seriously enough that it has opened an investigation, but some commentators think certain documents have been altered. For example, it is alleged that one document underestimates the extent of Russian casualties in the war with Ukraine, apparently to give the impression the war hasn’t hurt Russia as much as other countries think.

According to the news site Zero Day, the controversial stolen documents also include a page, apparently from a U.S. intelligence briefing, with two paragraphs about the alleged cyberattack by the Russian hacking group called Zarya on an unnamed Canadian energy company.

To prove its claim, Zarya allegedly shared screenshots with an officer of the Russian counterintelligence Federal Security Bureau (FSB) showing it had accessed the Canadian pipeline operator and had the ability to increase valve pressure, disable alarms, and initiate an emergency shutdown of the facility. Zero Day, which saw the stolen document, says the U.S. intelligence briefing didn’t identify the Canadian victim, writing that the screenshot was of an “unspecified gas distribution station.”

Zero Day says the U.S. briefing document it saw indicates that the hacking group was “receiving instructions” from someone presumed to be an FSB officer, who ordered them to maintain their network access, and that the hackers were on “standby” for further instructions from the FSB.

Asked for comment about the DDoS attacks, the federal Communications Security Establishment (CSE), which is responsible for defending government IT networks, said it is “aware of reports that some Government of Canada websites have been offline. CSE and its Canadian Centre for Cyber Security have observed that it’s not uncommon to see distributed denial-of-service (DDoS) attacks against countries hosting visits from Ukrainian government officials. While these incidents draw attention, they have very little impact on the systems affected.

CSE and its Canadian Centre for Cyber Security continue to work closely with our cyber defence colleagues at the Treasury Board Secretariat – Office of the Chief Information Officer, and Shared Services Canada and other Government of Canada departments and agencies to ensure there are systems and tools in place to monitor, detect, and investigate potential threats, and to neutralize threats when they occur. 

“The Government of Canada (GC), like every other government and private sector organization in the world, is subject to ongoing and persistent cyberthreats.

“CSE works every day to defend government systems from threats. On any given day, CSE’s defensive systems can block anywhere from 3 to 5 billion events targeting GC networks. These defensive actions are a result of CSE’s existing dynamic cyber defence capabilities which remain ready to defend Government of Canada systems and help protect against future attacks.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs