A pro-Russian threat group is believed to be behind a distributed denial of service (DDoS) attack that has blocked access to Prime Minister Justin Trudeau’s official web site. The attack appears to have been timed to coincide with the government’s meeting today with Ukrainian Prime Minister Denys Shmyhal.
As of 1:30 p.m. Eastern, the Canadian Prime Minister’s web site https://pm.gc.ca/en was still unavailable.
UPDATE: The site was back up around 2 p.m. Eastern
At a press conference today, Trudeau addressed the incident. “As you know, it’s not uncommon for Russian hackers to target countries as they are showing steadfast support for Ukraine, as they are welcoming Ukrainian delegations or leadership to visit, so the timing isn’t surprising. But in case anyone was wondering, Russia being able to bring down an official government of Canada web page for a few hours is in no way going to dissuade us from our unshakable support of Ukraine.”
Trudeau also addressed news reports that leaked documents apparently from the U.S. Pentagon include mention of a pro-Russian hacktivist group telling Russian intelligence that the group had accessed a Canadian gas pipeline.
“I can confirm in regards to reports of cyber attacks against Canadian energy infrastructure that there was no physical damage to any energy infrastructure following cyber attacks,” Trudeau said.
It wasn’t clear from the statement whether Trudeau was confirming that a pro-Russian group recently had compromised the operational technology side of a pipeline company, or whether he was saying there has never been physical damage to a pipeline from a cyber attack.
The legitimacy of the stolen documents hasn’t been confirmed. The U.S. Justice Department is taking them seriously enough that it has opened an investigation, but some commentators think certain documents have been altered. For example, it is alleged that one document underestimates the extent of Russian casualties in the war with Ukraine, apparently to give the impression the war hasn’t hurt Russia as much as other countries think.
According to the news site Zero Day, the controversial stolen documents also include a page, apparently from a U.S. intelligence briefing, with two paragraphs about the alleged cyberattack by the Russian hacking group called Zarya on an unnamed Canadian energy company.
To prove its claim, Zarya allegedly shared screenshots with an officer of the Russian counterintelligence Federal Security Bureau (FSB) showing it had accessed the Canadian pipeline operator and had the ability to increase valve pressure, disable alarms, and initiate an emergency shutdown of the facility. Zero Day, which saw the stolen document, says the U.S. intelligence briefing didn’t identify the Canadian victim, writing that the screenshot was of an “unspecified gas distribution station.”
Zero Day says the U.S. briefing document it saw indicates that the hacking group was “receiving instructions” from someone presumed to be an FSB officer, who ordered them to maintain their network access, and that the hackers were on “standby” for further instructions from the FSB.
The post Breaking News: DDoS attacks block PM Trudeau’s web site first appeared on IT World Canada.