CSE warns Canadian critical infrastructure of Russian-backed cyber threat activity

The Canadian Centre for Cyber Security issued a bulletin warning operators of critical infrastructure in Canada to be aware and take steps to mitigate Russian state-sponsored cyber threat activity.

The Communications Security Establishment (CSE), through Canada’s Cyber Centre, said Wednesday it is aware of foreign xjmtzywcyber threat activities, including Russian-backed actors, to target Canadian critical infrastructure network operators and their operational and information technology.

Citing partners in the U.S. and U.K., the bulletin urges operators to be prepared to isolate critical infrastructure components and services from the internet and internal networks if those components could be considered attractive for a hostile threat to disrupt.

The CSE also warned that organizational vigilance should increase and to enhance security measures in place including patching vulnerabilities, enabling logging and backup, and deploying anti-viral software.

“Have a cyber incident response plan, a continuity of operations and communications plan and be prepared to use them,” the bulletin reads. “Inform the Cyber Centre of suspicious or malicious cyber activity.”

As the dispute between Russia and Ukraine ratchets up, NATO allies including the U.S., Canada and the U.K. have been increasingly involved in attempting to mitigate any moves towards a full-scale invasion by Russian and retaliation by Ukraine.

The bulletin also includes links to the CSE National Cyber Threat Assessment for 2020 which included warnings to Canadians about Russian and Iranian online trolls using fraudulent or “bot” accounts to highlight divisions amongst the public on major political issues like terrorism, climate change, pipeline construction and immigration and refugees.

The 2020 Threat Assessment also directly named the state-sponsored programs of Russia, China, Iran and North Korea as posing “the greatest strategic threats to Canada.”

Other relevant information, including a bulletin from Microsoft’s Threat Intelligence Center from Jan. 15 about destructive malware targeting Ukrainian organizations, is highlighted.

Microsoft alleged last year that the Russian-backed hackers responsible for the massive 2020 SolarWinds breach, known as “Nobelium,” have been targeting cloud service companies ever since.

We have published a bulletin encouraging the Canadian #CyberSecurity community to bolster their awareness of and protection against Russian state-sponsored cyber threats.

Learn more: https://t.co/rAR6iZsLd8 pic.twitter.com/viZ09Df6kJ

— Canadian Centre for Cyber Security (@cybercentre_ca) January 20, 2022

RELATED IMAGESview larger image