Article Details

Canada says hacktivists breached water and energy facilities. The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions. The authorities issued the warning to raise awareness of the elevated malicious activity targeting internet-exposed Industrial Control Systems (ICS) and the need to adopt stronger security measures to block the attacks. The alert shares three recent incidents in which so-called hacktivists tampered with critical systems at a water treatment facility, an oil & gas firm, and an agricultural facility, causing disruptions, false alarms, and a risk of dangerous conditions. "One incident affected a water facility, tampering with water pressure values and resulting in degraded service for its community," describes the bulletin. "Another involved a Canadian oil and gas company, where an Automated Tank Gauge (ATG) was manipulated, triggering false alarms." "A third one involved a grain drying silo on a Canadian farm, where temperature and humidity levels were manipulated, resulting in potentially unsafe conditions if not caught on time." The Canadian authorities believe that these attacks weren't planned and sophisticated, but rather opportunistic, aimed at causing media stir, undermining trust in the country's authorities, and harming its reputation. Sowing fear in societies and creating a sense of threat are primary goals for hacktivists, who are often joined by sophisticated APTs in this effort. The U.S. government has repeatedly confirmed that foreign hacktivists have attempted to manipulate industrial system settings. Earlier this month, a Russian group called TwoNet was caught in the act against a decoy plant. Although none of the recently targeted entities in Canada suffered catastrophic consequences, the attacks highlight the risk of poorly protected ICS components such as PLCs, SCADA systems, HMIs, and industrial IoTs. In response to the elevated hacktivist activity, the Canadian authorities suggest the following measures: Although ICS malware isn't typically associated with hacktivist threats, it is also advisable to keep the firmware of all ICS components updated, plugging any security gaps that could be exploited for planting persistent backdoors. Picus Blue Report 2025 is Here: 2X increase in password cracking 46% of environments had passwords cracked, nearly doubling from 25% last year. Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.