National defence contractor suffers cyberattack

National defence contractor suffers cyberattack | Insurance Business Canada

National defence contractor suffers cyberattack

A Montreal-based aerospace company contracted to the military has suffered a crippling cyberattack – one that the government is trying to determine the extent of.

The Department of National Defense (DND) confirmed earlier this week that the vendor in question, CMC Electronics, alerted the government that it had sustained a “cyber breach related incident” in May.

According to procurement records, CMC had done millions in work for the Canadian Armed Forces, mainly in engineering and research development. DND noted that CMC had been contracted for such work for approximately $19.5 million since 2011. Most of the contracts, about 66, were for research and development of engineering services.

News of the hacking comes after the federal government announced on May 30 that CMC would participate in a joint $800 million job to upgrade Canada’s 85 CH-146 Griffon helicopters.

“DND/CAF does not comment on the cyber or IM/IT approaches of third-party vendors; however, we recognize the importance of cyber security in defence and defence contracting,” a DND spokesperson told Global News.

The spokesperson also gave assurances that none of DND’s internal systems employ CMC Electronics technology, adding that the department is “continuing to monitor” the situation while ensuring both CAF and its own information is safeguarded.

CMC Electronics has reached out to Insurance Business to confirm that the incident has been contained.
 
“On May 31, 2022, CMC Electronics (CMC) identified that an unauthorized third-party had gained access to our computer network and disrupted our operations in connection with a ransom demand.  We proactively took steps to shut down our network to protect our systems and data. At this stage, we are confident that we have successfully contained the incident," the company said in an email statement.
 
CMC also confirmed in its statement that it has launched an investigation into the matter with "the assistance of outside cybersecurity experts," which includes "leading forensics specialists," and that it had reported the incident to relevant authorities.
 
"CMC takes the security of our systems and our customers’ data extremely seriously, and we regret any concern or inconvenience this incident may cause," the company prefaced.
 
While there is no indication to date that those responsible for the cyberattack have stolen any sensitive military information, other public reports have suggested that the malware attack was allegedly carried out by a ransomware gang known as “ALPHV” or “BlackCat.” An intelligence source who asked to remain anonymous told Global News that it is believed that the ransomware group’s technology was developed by another group that has direct links to Moscow.