BC Says State Actor Behind Multiple Cyberattacks

BC Says State Actor Behind Multiple Cyberattacks
The B.C. legislature in Victoria on June 10, 2020. (The Canadian Press/Chad Hipolito)
Chandra Philip
5/11/2024
Updated:
5/12/2024
0:00

B.C. says there is evidence a state actor was behind cyberattacks on the provincial government in April and early May.

Public Safety Minister Mike Farnworth told reporters on May 10 that the attempt to breach government systems bore “the hallmarks of a state actor or a state-sponsored actor.”

The cyberattacks were first made public by B.C. Premier David Eby on May 8 in a statement that called the attacks “sophisticated” and said they targeted government networks.
“The government is working closely with the Canadian Centre for Cyber Security (Cyber Centre) and other agencies to determine the extent of the incidents and implement additional measures to safeguard data and information systems,” Mr. Eby said. “We have also informed the Office of the Information and Privacy Commissioner [for B.C.]”

The Cyber Centre, part of the federal Communications Security Establishment, provides guidance, services, and support to the government on cybersecurity.

Three separate attempts were made over the last month to breach government systems, Shannon Salter, head of B.C.’s public service and deputy minister to the premier, told reporters in a technical briefing on May 10, CBC News reported.

Ms. Salter said the hackers were directed by a foreign state but did not indicate which state might have been involved. She also did not say which government systems the hackers tried to access, only stating that the investigation remains ongoing.

Mr. Eby said there was no evidence that sensitive information had been compromised.

“However, the investigation is ongoing and we have more work to do to determine what information may have been accessed,” his statement said.

The premier said his government would provide updates and information as the investigation unfolds.

Ms. Salter told reporters that the B.C. government launched its investigation into an attempted breach on April 10, according to CBC. After confirming the cybersecurity incident, the Cyber Centre was informed on April 11. The B.C. government also reported it to Microsoft’s Detection and Response Team.

A second incident occurred on April 29, Ms. Salter told reporters, with a third attack on May 6. She said the same threat actor was responsible for all three incidents.

The news comes after similar incidents took place around the province.

The B.C. Libraries Cooperative, which builds and maintains IT infrastructure for some 200 not-for-profit library-related organizations in the province, was targeted on April 19, the co-op said in an April 29 news release. The hacker tried to extort payment in exchange for not releasing the data publicly. However, the co-op determined that the server that was accessed had minimal data and no sensitive information was stolen.
Shortly thereafter, B.C.-based London Drugs shut down stores in Western Canada after a cyber incident on April 28. It took the stores about a week to re-open, with its president saying the incident is still under investigation.

Mr. Farnworth acknowledged on May 9 that the B.C. Office of the Chief Information Officer had sent a memo the week prior asking government employees to change their passwords.

Referring to the password directive, Opposition BC United’s house leader Todd Stone asked Mr. Farnworth why the government waited days before informing the public.
Mr. Farnworth said cybersecurity experts advised the government that the priority was protecting the system and its information before going public, as that could increase vulnerability to attacks.

MPs to Investigate Chinese Cyberattacks

News of the cyberattack in B.C. comes amid concerns raised by MPs in Ottawa, who voted unanimously on May 9 to investigate the Chinese regime’s cyberattacks against parliamentarians.
Conservative MP Garnett Genius initiated the motion after he revealed on April 29 that he and 17 other Canadian parliamentarians had been targeted in 2021 by a Beijing-backed hacker group called Advanced Persistent Threat 31 (APT31).

The hacking attempts were linked to a campaign against members of the Inter-Parliamentary Alliance on China, an international group of cross-party legislators working on ways to more effectively tackle threats from Beijing.

The investigation will be led by the House of Commons Standing Committee on Procedure and House Affairs.

The Canadian Press and Andrew Chen contributed to this report.
Chandra Philip is a news reporter with the Canadian edition of The Epoch Times.