Canada is seeing a recent "notable rise" in cyber threat activity by Russian-aligned actors, but government websites have not been hacked or compromised by recent attacks, according to the Communications Security Establishment (CSE).
"These [attacks] are attention-grabbing, but do not mean the website has been hacked or that any information has been compromised," said Sami Khoury, head of the CSE's Canadian Centre for Cyber Security, during a Thursday afternoon briefing to reporters on cyber threats to Canada's critical infrastructure.
The briefing came following reporting by The New York Times based on leaked top-secret Pentagon documents that included descriptions from Russian hackers that they successfully accessed Canadian natural gas infrastructure, and after several Government of Canada webpages have been taken offline in recent days due to distributed denial-of-service (DDoS) attacks with a pro-Russian hacktivist group purporting to be behind it.
CSE said that DDoS attacks are when an adversary overwhelms a server to deny access to others, but in the process the site is not hacked into. Since earlier this week, there has been a "persistent" attempt to disrupt federal government sites, as well as those in Canadian finance, transportation and energy sectors, according to CSE.
On the critical infrastructure allegations, Khoury said there was a "confirmed report where a cyber threat actor had the potential to cause physical damage to Canadian critical infrastructure" but that he could report that there was "no physical damage" to any Canadian energy infrastructure.
"But make no mistake: the threat is real," Khoury said.
"There's a lot that happens behind the scenes. There's a lot of stuff that, you know, we don't talk about publicly, but that we share with operators directly, because we know we can help them in defending their infrastructure," he told reporters.
CSE wouldn't say whether there is any link between the DDoS efforts and the allegations of Russian hackers accessing Canadian critical infrastructure.
On Thursday, Defence Minister Anita Anand issued a corresponding statement about these issues.
Anand's statement said there's been an uptick in this activity from both state actors and pro-Russia non-state actors since the outset of Russia's invasion of Ukraine a year ago, but that's particularly been the case in "recent weeks."
The defence minister attributed this activity to Canada's "steadfast support" for Ukraine, and said that allyship will not be deterred by these Russian efforts, a message Prime Minister Justin Trudeau also emphasized on Thursday.
"Obviously, Canada's unequivocally strong stance in support of Ukraine and against Russia's illegal actions, is bothersome to the Russian government and to pro-Russian hackers. Obviously, we are not going to flinch in any way," Trudeau said.
"A couple of denial of service attacks on government websites, bringing them down for a few hours, is not going to cause us to rethink our unequivocal stance of doing whatever it takes, for as long as it takes to support Ukraine."
On Wednesday night, CSE's Centre for Cyber Security to federal government partners and Canadian critical infrastructure sectors with details about this new threat the agency was observing, and what is known about the "ongoing campaign."
CSE鈥攚hich is mandated to provide the federal government with foreign signals intelligence and cyber security expertise鈥 says it continues to work with Shared Services Canada 鈥渢o ensure websites can remain available,鈥 and with those in the critical infrastructure 鈥渢o share what we know and offer our help.鈥