Ethical Hacking News
Canada has issued a warning about multiple instances of hacktivists breaching critical infrastructure systems across the country, raising concerns about the impact on essential services. To address this issue, authorities have recommended several measures to ensure the security of Industrial Control Systems and prevent potential security breaches.
Hacktivists have been breaching critical infrastructure systems in Canada, causing service disruptions and hazardous conditions. The attacks were opportunistic, aimed at creating media stir and undermining trust in authorities. Foreign hacktivists have attempted to manipulate industrial system settings, highlighting the risks of poorly protected ICS components. Canadian authorities recommend measures to ensure ICS device security, including inventorying, using VPNs, and conducting penetration testing. ICS malware can be used by hackers to plant persistent backdoors; keeping firmware updated is essential for prevention.
In a concerning development, Canada has issued a warning to its citizens regarding multiple instances of hacktivists breaching critical infrastructure systems across the country. According to the Canadian Centre for Cyber Security, these malicious activities have allowed the hackers to modify industrial controls, potentially leading to dangerous conditions and disruptions in essential services.
The alert highlights three recent incidents where so-called hacktivists intervened with critical systems at a water treatment facility, an oil & gas firm, and an agricultural facility. These attacks not only caused service disruptions but also resulted in false alarms and the risk of hazardous conditions if left unchecked. It is worth noting that the Canadian authorities believe these attacks were opportunistic in nature, aimed at creating media stir and undermining trust in the country's authorities.
Furthermore, the U.S. government has repeatedly confirmed that foreign hacktivists have attempted to manipulate industrial system settings. A recent example includes a Russian group called TwoNet being caught attempting to tamper with a decoy plant. This incident underscores the risks associated with poorly protected Industrial Control Systems (ICS) components such as PLCs, SCADA systems, HMIs, and industrial IoTs.
To address this elevated hacktivist activity, the Canadian authorities have suggested several measures to ensure the security of ICS devices. These include inventorying and assessing all internet-accessible ICS devices, removing direct internet exposure where possible, using VPNs with two-factor authentication, IPS, vulnerability management, and conducting penetration testing. Additionally, following vendor and Cyber Centre guidance, including the Cyber Security Readiness Goals (CRGs), reporting suspicious activity via My Cyber Portal or contacting the contact@cyber.gc.ca, and notifying local police to support coordinated investigations are also recommended.
It is worth noting that while ICS malware isn't typically associated with hacktivist threats, it is advisable to keep the firmware of all ICS components updated, plugging any security gaps that could be exploited for planting persistent backdoors. These measures will help prevent potential security breaches and protect critical infrastructure from malicious activities.
In light of these developments, it becomes clear that cyber security is a top priority in Canada, with authorities working tirelessly to mitigate the risks associated with hacktivist attacks on critical infrastructure. The Canadian Centre for Cyber Security has taken proactive steps to raise awareness about the elevated malicious activity targeting internet-exposed Industrial Control Systems and the need for stronger security measures to block these attacks.
As we move forward, it is essential that individuals, organizations, and governments work together to ensure the security of our critical infrastructure. By implementing the recommended measures and staying informed about the latest threats and vulnerabilities, we can reduce the risk of security breaches and protect our communities from the potential consequences of hacktivist activities.
Related Information:
https://www.ethicalhackingnews.com/articles/Canadas-Critical-Infrastructure-Breached-Hacktivists-Opportunistic-Attacks-Raise-Concerns-ehn.shtml
https://www.bleepingcomputer.com/news/security/canada-says-hacktivists-breached-water-and-energy-facilities/
Published: Wed Oct 29 14:44:11 2025 by llama3.2 3B Q4_K_M
