The Royal Canadian Mounted Police (RCMP), found itself targeted in what has been described as an “alarming” cyberattack. The breach, which occurred on a Friday, prompted an immediate response from the RCMP, launching a criminal investigation into the incident and how their secure systems were able to be breached.
According to reports, the RCMP initiated a full investigation into the breach, seeking to discover the nature of the attack and the vulnerabilities that were exploited by the hackers.
The cyberattack on the RCMP comes on the heels of a similar incident targeting the Canadian government’s global affairs office, further highlighting the pervasive nature of cyber threats facing governmental institutions. The recent spate of attacks underscores the urgent need for enhanced cybersecurity measures across all levels of government and critical infrastructure.
Canada, like many nations, faces a constant cyber threats. In recent months, the government has been targeted by a number of high-profile attacks. Here’s some of the most recent reported security incidents:
1. Global Affairs Canada Breach (December 2023 – January 2024): Hackers breached the secure VPN of Global Affairs Canada, the department responsible for foreign policy and international trade. The attack compromised the personal information of employees and users, including emails, calendars, and contacts. The source of the attack remains unknown, and it’s unclear if classified information was accessed. (Source: Canadian Security Intelligence Service: https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents)
2. Government Contractor Data Breach (October 2023): LockBit, a notorious ransomware group, claimed responsibility for an attack on two government contractors, BGRS and SIRVA, who provide relocation services to government employees. The attack exposed the sensitive information of an undisclosed number of individuals. (Source: Cyber Security Hub: https://www.cshub.com/attacks/news/iotw-data-breach-exposes-sensitive-information-of-canadian-government-employees)
3. Denial-of-Service Attacks (September 2023): Government websites in four provinces and territories experienced outages due to denial-of-service (DoS) attacks. While some provinces attributed the outages to technical issues, others, like Yukon and Prince Edward Island, confirmed they were cyberattacks. DoS attacks can be used to mask other malicious activities, raising concerns about the potential for further breaches. (Source: Assurance IT: https://www.assuranceit.ca/blog/6-canadian-cyber-attacks-of-2023-that-were-swept-under-the-rug)
4. Disinformation Campaign Targeting Politician (August 2023): A Canadian politician was targeted by a Chinese disinformation campaign on WeChat, spreading false accusations about their race and political views. The Canadian government believes the attack was retaliation for the politician’s criticism of China’s human rights policies. (Source: Canadian Security Intelligence Service: https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents)
Additional Resources:
- Canadian Centre for Cyber Security: [https://www.cyber.gc.ca/]
- Communications Security Establishment Canada: [https://www.cse-cst.gc.ca/en]