For a third day in a row on Friday morning, the site of Prime Minister Justin Trudeau is in difficulty, after the attack by pro-Russian hackers following the visit of his Ukrainian counterpart Denys Shmyhal. The page stutters intermittently and loads very slowly.
On its Telegram account, the NoName057(16) group continues to brag about its misdeeds on Canadian pages, including that of the head of government. “Prime Minister Justin Bieber Trudeau’s official website was still offline Friday morning after suffering a denial of service attack,” he said.
SCREENSHOT FROM NONAME057’S TELEGRAM ACCOUNT(16)
The cybersecurity community is wondering about the PMO’s reaction to these successful denial of service (DDoS) attacks.
On Twitter, unflattering comments about his telecommunications team are circulating. “There are two options to explain that a website can be taken down by DDoS attacks so easily. Either they let them do it on purpose or they are f*** idiots”, can we read for example on the MalwareHunterTeam account.
Ex-policeman and cybersecurity expert Paul Laurier is not leaning towards either option. But he considers “completely abnormal that the site of the Prime Minister, the icon of the country, is still in difficulty”.
In the past few days, several websites have suffered the same kind of DDoS attacks. They consist of flooding a site with connection requests from hundreds of thousands, or even millions of robots, computers that hackers have infiltrated.
The Hydro-Quebec site broke down Thursday, but recovered from the attack. The pages of the ports of Montreal, Quebec and Halifax, those of Laurentian and TD banks, Nova Bus and Matrox companies, in particular, were also taken offline, before being restored.
Hackers have made a new victim today: the site of the Canadian Association of Defense Industries.
Direct support from Moscow?
In the case of the Prime Minister’s site, Paul Laurier believes that Moscow agents directly support the group of cyberpirates who claim responsibility for the attacks. “There is probably a Russian political body that supports them,” he says.
Cyber threat specialist Brett Callow of the antivirus firm Emsisoft also raises eyebrows at the repeated problems experienced by Justin Trudeau’s page. “I am surprised that the Prime Minister’s site is, and still is, vulnerable to these unsophisticated attacks since technically, it is easy to defend against them. »
Although hackers can use millions of machines to focus their attacks on a target, companies offer effective tools to deal with these attacks, he said.
Among other things, they can block connections from certain countries and detect known attack instruments, excessive traffic and all sorts of hints of hostile requests.
The specialized company Cloud Flare, but also web giants such as Google, Microsoft and Amazon, offer such tools, which are widely used.
According to Paul Laurier’s verifications, there is no indication that the Prime Minister’s site has connected to Cloud Flare.
If DDoS attacks in themselves are in principle easy to counter, he warns that they are not “trivial”. “Often it comes with something else. It won’t be known if any data was stolen until an investigation is complete. »
Contacted by The Press, the PMO had no comment on Friday. In a press conference with his Ukrainian counterpart on Wednesday, Justin Trudeau said he was unimpressed by the pro-Russian attacks.
“Let me be extremely clear: the fact that for a few hours there was a government page that was difficult to access is not going to deter us from being present and always there to do more to support the Ukraine,” he said.
Defense Warning
On Thursday, Defense Minister Anita Anand issued a statement warning the Canadian cybersecurity community to pay particular attention to attacks from pro-Russian hackers, which have been on a “remarkable rise” since the invasion of Ukraine.
“Canadian organizations and critical infrastructure operators – who operate the systems we depend on every day – must be prepared to protect against known cyber threat activity,” she says.
It highlights the actions of the Communications Security Establishment (CST) and urges the country’s organizations to be particularly cautious.
“Every day, CSE’s defensive systems block between three and five billion malicious actions that target government networks,” she says.