[TheRecord] Canada confirms cyber-attack on foreign affairs ministry

The Canadian government confirmed late last night that its foreign affairs ministry, Global Affairs Canada, was the victim of a cyber-attack, and it’s still dealing with its after-effects.

“The cyber incident was detected on January 19, after which mitigation actions were taken,” the Treasury Board of Canada Secretariat said on Twitter last night.

GAC services remain open to the general public, but some internal systems are still down for employees while officials investigate the incident.

Officials said the attack did not impact any other departments of the Canadian government network.

“There are systems and tools in place to monitor, detect, and investigate potential threats, and to take active measures to address and neutralize them when they occur,” officials said.

The Canadian government confirmed the incident last night after journalists from Global News first reported on the incident on Monday.

Officials did not attribute the attack to any particular entity or reveal any technical details of what happened, and it is currently unclear if this was an attack that targeted the government’s network on purpose or just some random exploitation event that managed to find an unpatched system on GAC’s network.

A day after the attack, Canada’s cybersecurity agency published a security alert warning that Russian threat actors might target Canada’s critical infrastructure. Due to the alert’s timing, some security experts and local journalists speculated that the two events could be related.

The post Canada confirms cyber-attack on foreign affairs ministry appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SANS ISC] Sysinternals: Procmon, Sysmon, TcpView and Process Explorer update, (Sun, May 30th)

All posts, Sans-ISC

New versions of Sysinternals’ tools Procmon, Sysmon, TcpView and Process Explorer were released. Didier Stevens Senior handler Microsoft MVP blog.DidierStevens.com DidierStevensLabs.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Source: Read More (SANS Internet Storm Center, InfoCON: green)

Read More

Disobey 2019: Social Cyberattacks (video)

I presented about the psychology of social cyberattacks at Disobey on january 2019. Here is the video of that presentation: https://youtu.be/3mgntbZzFaw (Embedding the video causes the page to cut it in half and I can’t be arsed to mess with CSS to make it work so you can just follow the link.)

Read More

[ZDNet] Microsoft to release ‘Defender for Business’ platform

All posts, ZDNet

Once the tool is available, customers will be able to buy the platform directly from Microsoft as a standalone offering costing $3 per user per month. Source: Read More (Latest topics for ZDNet in Security)

Read More