(Victoria) A state or state-sponsored actor was likely responsible for a series of cybersecurity attacks targeting British Columbia government networks, Mike Farnworth, Minister of Public Safety and Solicitor General of British Columbia, said Friday. British Columbia.
He said he did not personally know the identity of the state or state-sponsored actor and was not currently prepared to identify them if he did, while the investigation involving the police, the federal and provincial governments and the Canadian Center for Cyber Security continues.
“What I can tell you is that it has become clear to technical experts in government and the Canadian Center for Cyber Security, as well as Microsoft’s private sector detection and response team, “What they saw when they investigated what was going on was that ‘it was a very sophisticated operation,'” Farnworth revealed at a press conference.
He said no ransom demands had been made in connection with the cybersecurity attacks and the investigation had found no evidence that any information had been compromised.
“We have reason to believe that the attack was carried out by a state or a state-sponsored actor that was involved in these cyberattacks,” Mr. Farnworth said. Government personnel, with support from other agencies, worked to protect government systems and respond to the incident. »
“Through their hard work, they were able to ensure that there was no interruption to government operations or services to British Columbians,” he said. As we have also said, there is currently no evidence that sensitive government information has been compromised. »
Incidents noticed from April 10
Earlier Friday, Shannon Salter, head of British Columbia’s public service and deputy minister to Premier David Eby, told a briefing that the incidents were first noticed by the government on April 10 and confirmed the next day.
She added that there was a second incident on April 29, in which the attacker tried to expand his actions, and at that time the government ordered all public sector employees to change their computer passwords.
Mme Salter said investigators also determined on May 6 that the attacker was taking steps to conceal his actions.
She said it was highly likely that the cybersecurity attacks were carried out by a state or state-sponsored actor, but she added that she could not comment on their names.
The prime minister publicly revealed the incidents on Wednesday, calling them “sophisticated.”
Mike Farnworth said police were involved in the investigation, as well as the Canadian Center for Cyber Security and the federal government.
The Canadian Center for Cyber Security is part of Canada’s national crypto agency, the Communications Security Establishment, which provides cybersecurity advice, services and support to the government.
In April 2022, a Public Safety Canada parliamentary hearing on “Combating Hostile Activities by State Actors” focused on the threats posed to democracy by state actors who seek to erode trust in democratic institutions and fuel violence. tensions around government policies.
“In recent years, Canada has seen an increase in the frequency and sophistication of hostile activities by state actors, such as Russia, seeking to advance their political, economic and security interests over those of Canada” , indicate the official notes of the hearing.
“The Government of Canada remains firmly committed to combating foreign interference from any foreign state seeking to harm Canada, protecting our democratic institutions and promoting economic security,” the notes state.
Farnworth said Thursday there had been a delay in releasing information about the attacks as cybersecurity experts said the priority was to protect the system and its information before making it public, which could potentially increase vulnerability.
The government cyberattack came amid other incidents in the province in recent weeks, including hackers targeting British Columbia libraries and demanding a ransom not to reveal user data, as well as an attack that forced retailer London Drugs to close its stores in Western Canada for more than a week.
London Drugs Chairman Clint Mahlman said in a statement Friday that the attack on the government and the incident at its retailers were “not related.”
Farnworth said the province upgraded its security systems in 2022 and it was these measures that helped detect recent cybersecurity attacks.
“The reality is that this is the world we live in and it is constantly changing,” he said.