this post was submitted on 30 Jun 2026
90 points (98.9% liked)

Canada

12117 readers
479 users here now

What's going on Canada?



Related Communities


🍁 Meta


🗺️ Provinces / Territories


🏙️ Cities / Local Communities

Sorted alphabetically by city name.


🏒 Sports

Baseball

Basketball

Curling

Hockey

Soccer


💻 Schools / Universities

Sorted by province, then by total full-time enrolment.


💵 Finance, Shopping, Sales


🗣️ Politics


🍁 Social / Culture


Rules

  1. Keep the original title when submitting an article. You can put your own commentary in the body of the post or in the comment section.

Reminder that the rules for lemmy.ca also apply here. See the sidebar on the homepage: lemmy.ca


founded 5 years ago
MODERATORS
 

Archived link

Russian cybercriminals managed to hack into a Quebec municipality’s water treatment plant systems and had the ability to wreak havoc on the crucial infrastructure before getting caught, according to Canada’s cyber spy agency.

In its latest annual report released Monday, the Communications Security Establishment (CSE) said that it detected over 3,200 cyber incidents affecting either federal government organizations or one of ten critical infrastructure sectors, such as energy, critical minerals and water.

In one particular case discussed in the report, the signals intelligence agency said it was advised last October that Russian hacktivist group NoName had broken into the Quebec water plant’s network and gained access to many crucial systems.

...

According to CSE, NoName claimed it had gained the “ability to covertly control pumps, chlorine dosing, pressure settings and monitoring/alerts systems.” The report does not identify the impacted Quebec municipality.

...

The annual report ... points to two main state cyber adversaries: Russia and China. The report emphasizes that both countries pose a growing threat in the Canadian Arctic, where challenges posed by adversaries go “beyond traditional military and cyber threats to include economic and influence-related activities that seek to shape access, infrastructure, and decision-making in the region.”

...

you are viewing a single comment's thread
view the rest of the comments
[–] kent_eh@lemmy.ca 4 points 4 days ago (1 children)

The smaller the municipality (and the older the system), the less likely that they have a robust IT department managing all the access controls.

Then again, I've also an encountered office (not utility infrastructure) where some random employee had plugged a WIFI access point into their desks ethernet port and set it on the window ledge so they could use their phone on the company network while they were outside having a smoke... (yes they faced consequences when management was made aware)

As we all know, security is only as good as your weakest link.

[–] orioler25@lemmy.ca 0 points 4 days ago* (last edited 4 days ago) (1 children)

Yeah I think the size of the municipality is a great thing to keep in mind for this, as I'm sure a more rural, low population, and dispersed municipality would likely have less funding to update and maintain these systems. What I'm curious about is if this is a consequence of that neoliberalization -- whether this was a result of reduced public funding and therefore the adoption of privatized, profit-driven solutions -- or if it was simply a consequence of older infrastructure and poor discipline. Those are very different explanations that present their own risks for the rest of us to be concerned about and options for what we are able to do about it.

[–] kent_eh@lemmy.ca 1 points 3 days ago

Which is why it is important for facility operators to pay attention to the forensic audits of the compromised systems, and react appropriately.

And, obviously, it is also important that those audit reports be made available, and not hidden away because of some sense of corporate embarrassment or claims of "proprietary information"