The Canadian Centre for Cyber Security warning operators of critical infrastructure in Canada to be aware and take steps to mitigate Russian state-sponsored cyber threat activity.
The Communications Security Establishment (CSE), through Canada鈥檚 Cyber Centre, said Wednesday it is aware of foreign cyber threat activities, including Russian-backed actors, to target Canadian critical infrastructure network operators and their operational and information technology.
Citing partners in the and, the bulletin urges operators to be prepared to isolate critical infrastructure components and services from the internet and internal networks if those components could be considered attractive for a hostile threat to disrupt.
The CSE also warned that organizational vigilance should increase and to enhance security measures in place including patching vulnerabilities, enabling logging and backup, and deploying anti-viral software.
鈥淗ave a cyber incident response plan, a continuity of operations and communications plan and be prepared to use them,鈥 the bulletin reads. 鈥淚nform the Cyber Centre of suspicious or malicious cyber activity.鈥
As the dispute between Russia and Ukraine ratchets up, NATO allies including the U.S., Canada and the U.K. have been increasingly involved in attempting to mitigate any moves towards a full-scale invasion by Russia and retaliation by Ukraine.
The bulletin also includes links to the CSE which included warnings to Canadians about Russian and Iranian online trolls using fraudulent or 鈥渂ot鈥 accounts to highlight divisions amongst the public on major political issues like terrorism, climate change, pipeline construction and immigration and refugees.
The 2020 Threat Assessment also directly named the state-sponsored programs of Russia, China, Iran and North Korea as posing 鈥渢he greatest strategic threats to Canada.鈥
Other relevant information, including a bulletin from from Jan. 15 about destructive malware targeting Ukrainian organizations, is highlighted.
Microsoft alleged last year that the Russian-backed hackers responsible for the massive 2020 SolarWinds breach, known as 鈥淣obelium,鈥 have been targeting cloud service companies ever since.