The Canadian Centre for Cyber Security (Cyber Centre - a part of the Communications Security Establishment) is urging Canadian organizations to be vigilant and prepared for potential disruptive cyber activity, based on public threats made by Russian-aligned malicious cyber actors. The Cyber Centre has previously warned Canadian organizations and critical infrastructure operators to be prepared for the possible disruption and defacement of websites by cyber threat actors aligned with Russian interests. This warning still applies. As a result, the Cyber Centre continues to remind the Canadian cyber security community – especially the operators of government and critical infrastructure web sites – to adopt a heightened state of vigilance, and to bolster their awareness of and protection against malicious cyber threats.
Russian-aligned malicious cyber actors have publicly stated their intention to target nations united in supporting Ukraine’s defence against Russia’s attacks and aggression. The Cyber Centre continues to share valuable cyber threat information with Canadian critical infrastructure and government partners via protected channels and monitor the cyber threat environment in Canada and globally. We encourage any Canadian organizations who believe they may have been targeted by cyber threat activity to contact the Cyber Centre.
The Cyber Centre strongly recommends Canadians organizations take note of the following information:
- Joint cyber security advisory on Russian state-sponsored and criminal cyber threats to critical infrastructure
- The Cyber Centre’s Top 10 IT security actions to protect internet connected networks and information, including to consolidate, monitor, and defend Internet gateways; and isolate web-facing applications
- The Cyber Centre’s awareness series publication on Website defacement
- Joint Cyber Security Advisory Technical approaches to uncovering and remediating malicious activity
- Review perimeter network systems to determine if any suspicious activity has occurred
- Review and implement preventative actions outlined within the Cyber Centre’s guidance on protecting your organization against denial of service attacks;