Canadian intelligence warns state-sponsored actors "very likely" to disrupt nation's power supply

Canadian intelligence warns state-sponsored actors "very likely" to disrupt nation's power supply | Insurance Business Canada

Canadian intelligence warns state-sponsored actors "very likely" to disrupt nation's power supply

A new report from the Communications Security Establishment (CSE) warns that state-sponsored actors are “very likely” preparing to launch cyberattacks at Canada’s critical infrastructure, such as the nation’s electricity supply.

“As physical infrastructure and processes continue to be connected to the internet, cyber threat activity has followed, leading to increasing risk to the functioning of machinery and the safety of Canadians,” said a national cyber threat assessment from the CSE’s Canadian Centre for Cyber Security.

“We judge that state-sponsored actors are very likely attempting to develop the additional cyber capabilities required to disrupt the supply of electricity in Canada,” the report added.

The report said that Russian state-actors have probed the networks of electricity utilities in both the US and Canada last year. Chinese state-actors have also previously targeted US utility employees, the CSE noted. The report also touched upon how Iranian hacking groups have targeted industrial control systems, and how North Korean malware ended up in the network of a power plant in India.

The CSE explained in its report that although it is unlikely that cyber threat actors would intentionally disrupt critical infrastructure to cause major damage or loss of life, they would target organizations “to collect information, pre-position for future activities, or as a form of intimidation.”

According to the report, the operational technology used to control infrastructure such as dams, boilers, electricity and pipeline operations previously used legacy systems. But manufacturers have increasingly integrated new information technology in their systems – which might make work easier and more efficient, but can come with risks, warned Scott Jones, head of CSE’s Canadian Centre for Cyber Security.

“So that means now it is a target, it is accessible and it’s vulnerable. So what you could see is shutting off of transmission lines, you can see them opening circuit breakers, meaning electricity simply won’t flow to our homes to our business,” Jones told the media in a briefing.

Jones said that the purpose of the briefing is not to scare the public, but to raise awareness of the potential cyber threat.

An expert believes Canada’s electrical systems should be easier to defend, compared to other countries like the US.

“Since in Canada, they’re very centralized, it’s easier to defend ... while down in the States, they have multiple companies all around the place. So the weakest link is very hard to identify where it is, but the effect is a cascading effect across the country,” Université de Sherbrooke professor and former Department of National Defence cybersecurity officer Steve Waterhouse told CBC News.

But even though Canada’s system is easier to defend, Waterhouse urged that energy companies still have to prepare themselves for any cyber threat.

The CSE also warned in its report that state-sponsored actors will continue to launch commercial espionage attacks against Canadian businesses to steal intellectual property. It also cautioned that while Canada has been deemed a “low priority” when it comes to cybercrimes like phishing, the country’s media ecosystem is tied with the US and UK – this means any major cybercrime against the two countries deals collateral damage to Canadians.