Provincial websites target of cyberattack

Hey there, time traveller!
This article was published 15/09/2023 (780 days ago), so information in it may no longer be current.

The Manitoba government now says its websites and public online services crashed Thursday due to a cyberattack.

A provincial spokesperson said Friday afternoon that an investigation into the “unplanned service interruption,” which saw government websites and web services crash through much of Thursday, found evidence suggesting it was the result of external activity.

Asked for clarification, the spokesperson said it would be accurate to describe the incident as a cyberattack, but noted there was no demand for ransom, as is common with many cyberattacks.

There were no initial indications it was a deliberate attack, the government official said. On Thursday, the province said it appeared the outage was due to unspecified issues with its systems and infrastructure.

The province has brought in additional security measures to its web infrastructure and called in external experts to review those measures, the spokesperson said.

The government’s primary website, Manitoba.ca, and all other public government websites and systems were down into the evening Thursday.

Websites, including those of the health department, the courts and the e-licensing site used to purchase hunting and fishing licenses, were unable to load amid the outage.

Similar government website crashes occurred in Prince Edward Island, Yukon and Nunavut on Thursday. P.E.I.’s main provincial government website crashed after a cyberattack, that province announced.

According to P.E.I.’s government, attackers were using the so-called denial-of-service tactic, which involves generating a sufficient volume of artificial website traffic to overburden servers.

The Yukon government said it was also hit with a denial-of-service attack on Thursday.

The Nunavut government, which had not confirmed whether it was the target of a cyberattack, told the CBC it was investigating after its main government page crashed.

On Wednesday, some Quebec government web services were affected by a denial-of-service style cyberattack allegedly carried out by the pro-Russian hacker group NoName.

The Manitoba government spokesperson did not answer whether the attack that crippled the province’s systems was a denial-of-service attack.

Terry Cutler, CEO of Montreal-based computer security firm Cyology Labs and a cybersecurity expert, speculated on Friday that the attacks could have been a distraction attempt to look into the government networks for future attacks.

“I’m pretty sure there’s going to be something else coming,” Cutler told the Free Press.

“These attacks that are happening, they’re being tested right now. They want to see what kind of traffic gets through so they can plan a better attack.”

Governments that have been hit with denial-of-service attacks might look at geo-locating traffic to specific locations to prevent overseas users from accessing websites as a means of possibly curtailing the attacks, Cutler said.

— with files from the Canadian Press

erik.pindera@freepress.mb.ca