Multiple Cybersecurity Incidents Rock British Columbia Govt
Opposition spars with government in the House for delayed notification and lack of transparency
, Cybersecurity News, Espionage, Governance Cyber Warfare
Mihir Bagwe May 10, 2024Share on LinkedInShare on Twitter
British Columbia in Canada has faced multiple “sophisticated cybersecurity incidents” on government networks, province premier said this week.
Premier David Eby emphasized that there is presently no evidence of compromised sensitive information and that investigations are ongoing, with further efforts required to ascertain potential data access, as per his Wednesday statement.
While the attack’s specific nature remains unclear, labeling it as “sophisticated” and its involvement with government networks suggests fans theories of espionage from a state-sponsored actor seeking political intelligence.
“I know the public will have many questions about these incidents, and we will be as transparent as we can without compromising the investigation. As this complex work proceeds, government will provide British Columbians with updates and information as we are able.” Eby said.
The provincial government’s investigation involves the Canadian Centre for Cyber Security and other agencies, with the Office of the Information and Privacy Commissioner duly informed.
Neither of the agencies immediately responded to The Cyber Express’ request for a comment.
Opposition’s Spar in the House
B.C.’s political adversaries engaged in heated debate during the question period on Thursday morning, a day after the province disclosed the multiple cybersecurity incidents within its networks.
British Columbia United MLA Todd Stone criticized the government, alleging it “concealed a massive cyberattack on the provincial government for eight days.” Stone’s accusations came on the backdrop of a memo from The Office of the Chief Information Officer that directed all provincial employees to immediately change passwords.
British Columbians are rightly concerned about their sensitive information, questioning whether it has been compromised by a foreign, state-sponsored cyberattack. So, I ask the premier today: Will he reveal who was responsible for this attack?” Stone demanded.
Stone pointed out the timing of Eby’s Wednesday statement, suggesting it was issued discreetly “while everyone was preoccupied with last night’s Canucks game.”
BC United MLA Todd Stone arguing in the House during the QP on Thursday morning. (Credit: Legislative Assembly of B.C.)
“How much sensitive personal information was compromised, and why did the premier wait eight days to issue a discreet statement during a Canucks game to disclose this very serious breach to British Columbians?” the Opposition MLA asked.
In response to BC United’s criticisms, Public Safety Minister Mike Farnworth accused Stone of “playing politics.”
“We take our advice from the Canadian Cyber Security Service, who deal with these kinds of things on an ongoing basis. That’s who we will take the advice from in terms of protecting public information, every single time. We will never take advise from the opposition — all they ever want to do is play politics,” Farnworth retorted amid uproar in the House.
Public Safety Minister Mike Farnworth addressing opposition queries. (Credit: Legislative Assembly of B.C.)
“When an incident like this happens, the first thing that happens is the protection of the system, honourable speaker. The protection of the information that’s done by technical experts, honourable speaker, who work on the advice of the Canadian Cyber Security System,” Farnworth explained.
“And, honourable speaker, the reason they do that is because if you go out and give information before that’s done, you actually end up compromising people’s information, potentially.”
Multiple Cybersecurity Incidents Rock B.C. in Last Few Weeks
The latest revelation of cyberattacks on government networks comes on the heels of a string of cyberattacks that the westernmost province in Canada is facing.
B.C. headquartered retail and pharmacy chain London Drugs announced April 28, closure of its stores across Western Canada after falling victim to a cybersecurity incident. The impact was such that they were forced to even take their phones offline and pharmacies could only satisfy “urgent” needs of patients on-site.
Addressing reporters later Thursday afternoon, Farnworth clarified that there was no evidence linking the multiple cybersecurity incidents targeting the province networks to the event that led to the closure of London Drugs locations in the west for several days.
“At present, we lack any information suggesting a connection. Once an incident is detected, technical security teams work swiftly to secure the system and ensure its integrity, while closely coordinating with the Canadian Cyber Security Service to address the situation,” he explained.
“While a comprehensive investigation involving multiple agencies is ongoing, we currently have no indication of any link to the London Drugs incident.”
The same day as the London Drugs cyberattack came to light, another western province entity BC Libraries reported a cybersecurity incident where a hacker attempted to extort payment for data exfiltrated from its newly commissioned server and threatening to release that data publicly if no payment was received.
China’s Involved?
This development follows an official inquiry in Canada, revealing unsuccessful Chinese attempts to interfere in past elections. Beijing has refuted these allegations. The Canadian Security Intelligence Service (CSIS) recently published an annual report, warning of ongoing Chinese interference in Canadian political affairs, risking democratic integrity.
“Canada’s strong democratic institutions, advanced economy, innovative research sectors, and leading academic institutions make Canada an attractive target for cyber-enabled espionage, sabotage, and foreign influenced activities, all of which pose significant threats to Canada’s national security,” the report said.
The report identified China as a state-based threat conducting widespread cyber espionage across various sectors, including government, academia, private industry, and civil society organizations.