Location: NATIONAL
Issue/Source: ADDRESSING CYBER SECURITY INCIDENTS
Date: APRIL 2023
Suggested Responses:
- Last week, several sectors in Canada were targeted by malicious cyberattacks, including in the Marine Sector.
- Transport Canada has worked closely with the Canadian Centre for Cyber Security and stakeholders to take measures in protecting themselves.
- The Government has introduced an Act respecting cyber security and is working actively now with stakeholders.
If Pressed:
- The Government of Canada is taking measures to enhance cyber security. It introduced Bill C-26, An Act Respecting Cyber Security, in June 2022.
- Transportation is a critical sector underpinning Canada’s key infrastructure and a target of cyberattacks.
- Transportation stakeholders are encouraged to report incidents into Transport Canada’s Situation Centre and the Canadian Centre for Cyber Security.
Background Information
- Per the Canadian Centre for Cyber Security’s (CCCS) 2023-24 National Cyber Threat Assessment, critical infrastructure is increasingly at risk from cyber threat activity as physical assets are becoming more digitally connected.
- Budget 2022 announced funding ($875.2M/5 years, $238.2M ongoing) to improve prevention, response and resilience for critical infrastructure and government systems. Funding was allocated to support efforts in four key sectors: finance, telecommunications, energy, and transportation.
- The week of April 10, the Government of Canada experienced a number of Distributed Denial of Service (DDoS) attacks targeting several websites such as the Prime Minister’s Office, National Capital Commission, the Senate, and Statistics Canada, making them largely inaccessible to visitors. On April 12, Canadian Centre for Cyber Security announced other NATO and Affiliated Nations were targeted.
- Concurrent to the activity against Government of Canada websites, a small number of marine critical infrastructure (CI) websites were also reported to be affected by similar activity, with reports of entities within the financial and energy sector also being affected.
- A DDoS attack is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. It is intended to overwhelm the website server to cause pages and applications to be inaccessible to legitimate users, as was observed during the most recent event.
- The source of attack has yet to be confirmed. The CCCS has engaged with stakeholders through an email advising of potential protective actions and recommending that cyber incidents be reported to both the CCCS and TC. Cloudflare, a cybersecurity mitigation software tool, along with other IT strategies were implemented to restore services.
- [ Redacted ]
- Once Bill C-26 receives Royal Assent, TC would consult with stakeholders and partners to develop the associated regulations for designated owners and operators within the transport sector who would be required to take specific measures to prevent, protect and report on cyber incidents, as well as improve their security posture from attacks.