Intelligence agency says cyber threat actor ‘had the potential’ to damage critical infrastructure | CBC News

One of Canada’s intelligence agencies says a cyber threat actor “had the potential to cause physical damage” to a piece of critical infrastructure recently.

“I can report there was no physical damage to any Canadian energy infrastructure. But make no mistake — the threat is real,” said Sami Khoury, head of the Canadian Centre for Cyber Security out of the Communications Security Establishment.

Earlier this week, leaked U.S. intelligence documents suggested Russian-backed hackers successfully gained access to Canada’s natural gas distribution network.

Khoury said he couldn’t share much more information about the hit.

“There’s a lot that happens behind the scenes, there’s a lot of stuff we don’t talk about publicly but we share with operators directly, because we know we can help them in defending their infrastructure,” he told reporters during a briefing Thursday.

Khoury said that the service recently alerted critical infrastructure operators of “a new threat.”

“In this recent confidential flash, we noted that we had a confirmed report where a cyber threat actor had the potential to cause physical damage to Canadian critical infrastructure,” he said.

CSE has defined critical infrastructure as networks and systems that Canadians rely on for essential services, such as energy, water and utility systems, transportation systems, food supply chains and financial networks.

The briefing from the cyber and foreign signals intelligence agency comes at a time of heightened anxiety about cyberattacks linked to the ongoing war in Ukraine.

Earlier Thursday, a pro-Russian hacking group claimed responsibility for a cyberattack on Hydro Quebec, the province’s state-owned electricity provider.

The same group took credit for knocking the Prime Minister Office website offline earlier this week as Canada played host to Ukrainian Prime Minister Denys Shmyhal.

Russian-aligned actors targeting Ukraine’s allies 

Khoury said there has been a rise recently in the number of cyber threats orchestrated by Russia-aligned actors targeting countries that support Ukraine, including Canada.

“Intelligence reporting has indicated that Russian cyber threat actors are exploring options for potential counter attacks against Canada, the United States and other NATO and Five Eyes allies, including against critical infrastructure targets,” he said. 

The CSE said that state-sponsored cyber threat actors like to target critical infrastructure “to collect information through espionage, pre-position in case of future hostilities, and as a form of power projection and intimidation.

“This malicious cyber activity is frequently directed at critical infrastructure networks, and the combined operational and information technology – or IT and OT –  systems used to run vital sectors.

“Canadian organizations and critical infrastructure operators — who operate the systems on which we depend every day — must be alert to these risks and immediately protect against these known cyber threat activities.”