Careful attention to government statements and legislation is required to monitor the level of risk to British Columbians’ information as investigators investigate multiple breaches under a continued barrage of attacks.
Government sources have confirmed to CTV News that various government ministries and agencies, along with their associated websites, networks and servers, face approximately 1.5 billion “unauthorized accesses” or hacking attempts daily. That represents an increase in recent years and explains why the province adds millions of dollars per year to its cybersecurity budget.
Public Safety Minister Mike Farnworth attempted to reassure the public that “there is no evidence at this time that sensitive personal information has been accessed” and remained adamant that no ransom demands have yet been made. He confirmed that police and federal agencies are involved.
But the statement Wednesday afternoon from the premier’s office acknowledging that provincial IT infrastructure had been compromised, a week after CTV News was the first to report that public employees began receiving urgent bulletins to immediately change their passwords, includes important clues.
It indicates “sophisticated cybersecurity incidents”, in plural and that the government has notified the Office of the Information and Privacy Commissioner. The OIPC declined our interview request and referred us to provincial legislation that requires public bodies to notify its office when there are privacy breaches that “could reasonably be expected to result in significant harm” to the physical well-being, reputation, finances, employment or property. .
While Opposition Leader Kevin Falcon criticized the government for withholding notification of the attack for at least a week, and doing so an hour before a highly anticipated Canucks playoff game, one expert sides with the insistence. of Farnworth that the delay was necessary.
University of British Columbia associate professor Thomas Pasquier specializes in cybersecurity investigations and agrees with government technology experts and outside advisers who prioritized protecting networks and finding where breaches were successful.
“It’s important to understand the source and understand what was done after the initial compromise and how it spread,” he said. “It could be a number of things, including a phishing attack or a database was misconfigured and an attacker gained access.”
The Federal Communications Security Establishment, which oversees the Canadian Cyber Security Center, confirms: “we are working with British Columbia officials to support their efforts to mitigate the incident,” but did not provide further details. In their email statement they emphasized that “cyber threats remain a persistent threat to Canadian organizations, as well as owners and operators of critical infrastructure.”
Pasquier urged the government to provide more transparency, but also speculated that “the attack may still be ongoing and the investigation is potentially unclear about the exact source and exact scope of the compromise.”