Statement from the Minister of National Defence – Cyber Threats to Critical Infrastructure


Since Russia’s unjustified and illegal invasion of Ukraine began over one year ago, and especially in recent weeks, we have seen a notable rise in cyber threat activity by Russian-aligned actors targeting Ukraine’s partners.

Canada is no exception. These activities are a direct response to our steadfast support to the people and Government of Ukraine – and they will not deter Canada’s support for Ukraine.

This malicious cyber activity is frequently directed at critical infrastructure networks, and technology used to run vital sectors. Threat actors have also used strategically-timed Distributed Denial of Service attacks (DDoS) against government and business web sites.

To help organizations mitigate the impact of DDoS attacks, the Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security (Cyber Centre) released a Cyber Flash to partners within the Government of Canada and critical Canadian sectors on April 12. This Cyber Flash was released to share known facts about this ongoing campaign. We continue to monitor, reassess and respond to this campaign, and may release further products at a later time if warranted.

CSE works every day to defend government systems from threats. On any given day, CSE’s defensive systems can block anywhere from 3 to 5 billion malicious actions targeting government networks. These defensive actions are a result of CSE’s dynamic cyber defence capabilities which remain ready to defend government systems and protect against future attacks.

In addition, Canadian organizations and critical infrastructure operators – who operate the systems on which we depend every day – must be prepared to protect against known cyber threats.

Previously the Cyber Centre has warned Canadian organizations to be prepared for cyber threat actors to try to disrupt, deface, and exploit Canadian network assets. If you run the critical systems that power our communities, offer internet access to Canadians, provide health care, or generally operate any of the services Canadians can’t do without, you must protect your systems. Monitor your networks. Apply mitigations.

I urge Canadian critical infrastructure organizations to review the Cyber Centre’s Cyber Threat Bulletin: Cyber Threats to Operational Technology and follow this advice:

The Cyber Centre shares valuable cyber threat information with Canadian critical infrastructure and government partners through protected channels. This vital information includes indicators of compromise (IoCs), threat mitigation advice, and confidential alerts about new forms of malware, and other tactics, techniques, and procedures used to target victims. It’s the kind of information you can use to protect your organization.

In addition to the advice above for critical sectors, the Cyber Centre urges Canadian organizations to take note of the following cyber security guidance:  

You are the first line of defence in keeping your organizations, and Canadians, safe from cyber threats.

Together we will help keep Canada safe

Page details

Date modified: