Hacktivists tampered with Canadian industrial systems, cyber agency warns

Archived link

Here is the original warning by the Centre for Cyber Security.

Canada’s cyber authorities are warning that hacktivists are increasingly targeting internet-connected industrial systems after several recent incidents disrupted operations at utilities and small businesses across the country.

The Canadian Centre for Cyber Security said this week that, together with the Royal Canadian Mounted Police, it has investigated multiple cases involving compromised industrial control systems (ICS).

...

The Canadian authorities did not specify why they labeled the attackers “hacktivists” — a term for threat actors who hack for publicity rather than toward geopolitical or financial goals. The alert did not attribute the incidents to a specific group.

...

Canada’s warning follows a global uptick in hacktivist activity against critical infrastructure.

In late 2023, the Russian government-aligned group known as the Cyber Army of Russia Reborn (CARR) claimed to have attacked the industrial control systems of multiple U.S. and European critical infrastructure targets.

In January 2024, the group took responsibility for overflowing water storage tanks in Texas, resulting in the loss of tens of thousands of gallons of water. CARR also claimed to have compromised the SCADA system of a U.S. energy company, gaining control over alarms and pumps for its tanks.

In June, the U.S. State Department accused Iranians allegedly affiliated with a group known as CyberAv3ngers of targeting critical infrastructure with malware designed to compromise industrial control systems.

...

Canada’s cyber agency warned that many smaller utilities, farms, and manufacturers continue to run poorly secured internet-connected systems, leaving them vulnerable to opportunistic attacks.

...