According to the Ministry of Cybersecurity, there is no indication that data held by the government has been compromised. (Photo: The Canadian Press)
Since the night of Tuesday to Wednesday, government sites have been the subject of “distributed denial of services” type cyberattacks, attacks which come from Russian-speaking hackers according to a security expert.
The Minister of Cybersecurity and Digital Affairs of Quebec, Éric Caire, confirmed Wednesday afternoon that several government sites are the subject of “distributed denial of services” type computer attacks, which consist of “overloading a site by increasing connection requests” and that certain government sites could be temporarily unavailable.
Mr Caire added that there is no indication that data held by the government has been compromised.
According to the minister, it is difficult to protect against this type of intrusion.
“There are probes that ensure that we are able to deflect these attacks. When we are able to identify the addresses, we can deflect these attacks,” but “with these, it was not possible, because they came from several different addresses,” the minister said.
His ministry indicated that specialists in “Cybersecurity and Digital Technology as well as the organizations concerned are carrying out investigations and ensuring that the necessary mitigation measures and corrective measures are applied so that the situation can be restored as quickly as possible”.
A reaction to the war in Ukraine
According to cybersecurity specialist Steve Waterhouse, these attacks, on around ten government sites, are the work of the Russian-speaking hacker group “NoName057”.
Their goal is to “create a little chaos” by preventing users from viewing sites.
“They take a bunch of computers that are contaminated, what we call a botnet, and, on command, they send millions of requests to sites, very specific destinations.” The objective is “to attack sites of nations that support Ukraine,” explained the cybersecurity expert.
“They have carried out campaigns like this throughout the world and two days ago it was in Germany and today they are returning to Canada for the ixth time, but this time, they are attacking sites with financial connotations in addition to the Senate,” added Steve Waterhouse.
He explained that the group uses a communication channel on the Telegram network and that on Wednesday morning, “they demonstrated that they were going to carry out attacks of this nature.”
During his afternoon press briefing, Minister Caire did not indicate whether the government believed the “NoName057” group was behind the attack.
The parent company of Météomédia also indicated that it had been affected by a “cybersecurity incident” which caused an outage on some of its data systems.
As of Wednesday afternoon, the weather forecast site was still not working.
It is unclear whether these incidents are related.
By Stéphane Blais