BC believes the cybersecurity attacks on the government were state-directed

VICTORIA — British Columbia’s public service chief said Friday there is high confidence that cybersecurity attacks on the provincial government’s networks are being carried out by a state or a state-sponsored actor.

Shannon Salter, who is also deputy minister to the prime minister, said in a briefing that there was no evidence that sensitive information had been compromised.

The incidents were revealed on Wednesday by Prime Minister David Eby, who described the attacks as “sophisticated”.

Attorney General Mike Farnworth later said that both police and the Canadian Center for Cyber ​​Security were involved in the investigation.

The Canadian Center for Cyber ​​Security is part of Canada’s national cryptographic agency, the Communications Security Establishment, and provides cybersecurity advice, services and support to the government.

Salter said Friday she could not comment on whether the government knew the identity of the state or the state-sponsored actor behind the three separate incidents.

The problem was first noticed on April 10, then confirmed and reported the next day, she said.

Salter said she first informed Eby on April 17, but the cabinet was not informed until Wednesday, the same day the incidents became public knowledge.

A government source said Wednesday that the incidents were related to an order issued early last week to all provincial employees to immediately change their passwords.

British Columbia’s Office of the Chief Information Officer had previously described this policy as a precautionary measure in a statement, noting that the government “routinely updates security measures.”

Farnworth said Thursday that there was a delay in releasing information about the attacks because cybersecurity experts said protecting the system and its information was a priority before releasing it, which could potentially increase vulnerability.

The government’s cyberattack came amid other incidents in the province in recent weeks, including hacking of libraries in British Columbia and demanding a ransom for keeping user data private, as well as an attack that forced retailer London Drugs to close stores across Western Canada to close for more than a week.

Clint Mahlman, president of the London Drug Enforcement Agency, said in an interview Thursday that he did not know whether the violation was possibly related to the British Columbia government incident.

This report by The Canadian Press was first published May 10, 2024.

Dirk Meissner, The Canadian Press