A computer attack was claimed against the Canada Border Services Agency website on Sunday, the same day an outage paralyzed check-in kiosks at border checkpoints at Canadian airports.
The distributed denial of service (DDoS) attack was claimed by user NoName057 on his Telegram account. He has already claimed responsibility for several other attacks affecting Canadian sites, including the site of Prime Minister Justin Trudeau last April.
Just last week, he claimed responsibility for new attacks on pages of the Quebec government, then on those of eight other Canadian provincial and territorial governments.
Late Sunday afternoon, a “national computer outage” of check-in kiosks caused a slowdown at border checkpoints across the country, including at Montreal-Trudeau International Airport, according to reports. ‘said its operator Aéroports de Montréal (ADM).
The Canada Border Services Agency (CBSA) subsequently confirmed that it had encountered “intermittent connectivity issues with kiosks and electronic gates” at airports across the country.
However, the organization declined to comment on Monday, saying it had “no new information to share regarding this outage at this time.”
In fact, “distributed denial of services” type attacks do little damage to the attacked systems. They simply consist of overloading a site by multiplying connection requests.
Overloaded website
According to several cybersecurity experts consulted, the computer system of airport check-in terminals should normally be in a closed circuit, that is to say that it would not be connected to the internet and therefore could not be the target of such attacks.
“With denial of service, it depends on how the network is interconnected,” however, raises the expert in cyberthreat detection at Streamscan, Karim Ganame.
His colleague, a specialist in cyber threats at Proofpoint, Alexis Dorais-Joncas, also raises the possibility that the check-in kiosks and the CBSA website share a common database which could falter if the organization’s website is submerged, such as during a DDoS.
“It is not impossible that the website overloaded by a DDoS in turn overloads the internal database, which can no longer be used for customs terminals,” he explains, adding that This is just a scenario.
In any case, “if indeed there is a link between the two (the attack and the terminal problems), it is problematic,” continues Karim Ganame. Indeed, this would be proof that a “DDoS can impact a transport and security system and paralyze it”.
According to him, Canadian authorities must think about the best way to respond to the NoName057 hackers.