VANCOUVER — A series of cybersecurity attacks targeting British Columbia government networks likely involved the province or province-sponsored attackers, says Mike, B.C.'s Minister of Public Safety and Attorney General. Farnworth said Friday.
He said he does not personally know the identity of the provincial or provincial-backed attackers, and if he did, he would not know, as the investigation is ongoing and involves police, federal and provincial governments, and the Canadian Cyber Security Center. He also said he was not prepared to identify the person at this time.
“What I can tell you is what they were looking at as they investigated what was going on, through their technical experts within the government, the Canadian Cyber Security Center, and Microsoft's detection and response team in the private sector. “What it turned out to be was a very sophisticated operation,” Farnworth said at a news conference.
He said no ransom demands were made in connection with the cybersecurity attack, and the investigation found no evidence that any information was compromised.
“We have reason to believe that a state or state-sponsored attacker was responsible for the cyber attack,” Farnworth said. “Government officials, with support from other agencies, have been working to protect government systems and respond to the incident.
“Their hard work has ensured that government operations and services to British Columbians remain uninterrupted,” he said. “As we have stated previously, there is no evidence at this time that confidential government information has been compromised.”
Early Friday morning, Shannon Salter, B.C.'s director of public services and deputy minister to Premier David Eby, told a background briefing that the incident was first brought to the government's attention on April 10 and confirmed the next day. .
She said there was a second incident on April 29, when the attackers tried to escalate their actions, at which point the government instructed all civil servants to change their computer passwords.
Salter said investigators also determined that the attackers took steps to conceal their actions on May 6.
He said the cybersecurity attack was likely carried out by a state or state-sponsored actor, but added that he could not comment on names.
Eby was briefed on the attack on April 17 and has remained close to the matter ever since, she said.
The Prime Minister publicly revealed the incident on Wednesday, describing it as “sophisticated”.
Farnworth said police are involved in the investigation, as well as the Canadian Cyber Security Center and the federal government.
The Canadian Cyber Security Center is part of Canada's national cryptographic agency, the Communications Security Facility, which provides cybersecurity guidance, services and support to the government.
In April 2022, the Public Safety Council of Canada's hearing on “Countering Hostile Acts by State Acts” highlighted the threat to democracy from state actors who seek to undermine trust in democratic institutions and incite tensions over government policies. was discussed.
“In recent years, Canada has seen an increase in the frequency and sophistication of hostile activities by state actors, such as Russia, seeking to advance political, economic and security interests to the detriment of Canada.” says the official hearing record.
“The Government of Canada remains steadfastly committed to combating foreign interference that seeks to harm Canada, protecting our democratic institutions, and promoting our economic security,” the memo said. There is.
Farnworth said Thursday that the release of information about the attack was delayed because cybersecurity experts advised that the priority was to protect systems and their information before disclosure, which could increase vulnerabilities. .
Government cyberattacks include one in which hackers targeted a library in British Columbia and demanded a ransom not to leak user data, and another in which retail giant London Drugs was forced to close stores across Western Canada for more than a week. The incident comes amid other incidents in the state in recent weeks, including a recent attack.
London Drugs President Clint Mahlman said in a statement Friday that the government attack and the retailer's own case are “unrelated.”
“London Drugs empathizes with the current cybersecurity threats facing the British Columbia government and, despite London Drugs’ own experience with cybersecurity incidents, I would like to thank the Prime Minister, the Ministry of Health and Pharmanet for their incredible support of Drugs,” he said.
Farnworth said the state upgraded its security systems in 2022 and it was that step that detected the recent cybersecurity attack.
“The reality is this is the world we live in and it's constantly evolving,” he said.
This report by The Canadian Press was first published May 10, 2024.
Dirk Misner, Canadian Press
