The House of Commons and Canada’s cybersecurity agency are currently investigating a significant data breach instigated by an unknown “threat actor” aiming at obtaining employee information.
An internal email acquired by CBC News reveals that the House of Commons informed its staff about the breach on Monday. It was disclosed that a malicious actor exploited a recent vulnerability in Microsoft to gain unauthorized entry to a database containing information used for managing computers and mobile devices.
Certain information accessed by the hacker is not publicly available, as per the email. This includes employees’ names, job titles, office locations, email addresses, and details pertaining to their House of Commons-controlled computers and mobile devices.
The Communications Security Establishment (CSE) of Canada acknowledged the incident and is collaborating with the House of Commons to offer assistance. However, the CSE could not ascertain the identity of the perpetrator behind the attack.
According to the CSE, a threat actor is defined as a group or individual aiming to “gain unauthorized access to or otherwise affect victims’ data, devices, systems, and networks” with malicious intent.
The CSE recently published a threat report stating that adversarial nations such as China, Russia, and Iran are increasingly responsible for cyber threats directed at Canada. However, it is too early to determine the origin of this breach.
The cyberattack took place on Friday, according to the email distributed to employees. Employees and House of Commons members are advised to remain vigilant as the compromised information could be exploited in scams or to impersonate parliamentarians.
The House of Commons mentioned in a statement that it is collaborating with national security partners to investigate the breach but refrained from disclosing specific details, including the number of affected employees, due to the ongoing investigation.
The most recent national cyber threat assessment from the Canadian Centre for Cyber Security highlights that Canada is an attractive target for both criminals and state adversaries seeking to disrupt systems. The report also notes a significant rise in the frequency and severity of cyber incidents over the past two years.
State adversaries are becoming more audacious and assertive, as stated by Rajiv Gupta, the head of the Canadian Centre for Cyber Security. Cybercriminals driven by financial gain are leveraging new illicit business models to access malicious tools and incorporating artificial intelligence to enhance their capabilities.
The report underscores China as the most sophisticated and active cyber threat to Canada. It points out that in the last four years, PRC threat actors have compromised at least 20 networks associated with Government of Canada agencies and departments.