The government of Canada is dealing with what appears to be cyberattacks, as a group of hackers located in India have claimed to have “sown mayhem” in the capital of Canada, Ottawa. On the other hand, it is reported that sensitive data from Canada was not affected in any way.
On September 27 at midday, the Canadian Armed Forces reported that their website was inaccessible from a mobile device. However, the problem was fixed within a few hours of the report being made.
On the other hand, numerous pages on the website of the House of Commons continued to load slowly or incompletely on September 28 due to an attack that, according to the officials, started on the morning of September 24. It has been established that a distributed denial-of-service (DDoS) attack was launched against the Commons, they said. This tactic is bombarding a website with connection requests to prevent legitimate people from accessing it. The protective measures taken by the House of Commons’ computer systems for their network and information technology infrastructure worked as intended. On the other hand, certain pages didn’t react for a while. The information technology support staff at the House of Commons put in place preventative measures and brought back service to acceptable levels.
A DDoS was launched against Elections Canada at approximately midnight on September 27. The attack lasted for roughly sixty minutes. This website does not store or transmit private or confidential information or data. It is not connected to the primary website and is entirely hosted by a different company. According to a statement released by the government agency, it does not share any connection with the network that underpins Elections.ca in any way.
Operations against the Canadian Armed Forces and Elections Canada have been attributed to a hacker collective known as “Indian Cyber Force,” which has claimed responsibility for the operations.
On the social media platform Telegram, a user who identifies themselves as the “Indian Cyber Force” reported that the website of the Canadian Armed Forces has been the target of a cyberattack. On his Telegram page, the person wrote that the Canadian Air Force site had been taken down. However, he was referring to the site for the army. In the communication, it is said that the event would last for “two hours,” and used the hashtag “#F**kcanada.”
Additionally, it would appear that the organisation successfully penetrated several websites belonging to Canadian small enterprises. The organisation that claimed responsibility for the attacks referred to Prime Minister Justin Trudeau, who on September 18 disclosed in Parliament the credible claims that India was involved in the assassination of Sikh separatist activist Hardeep Singh Nijjar. The allegations suggest that India was responsible for the murder. Nijjar had been on India’s wanted list for several years before his death in June.
On websites belonging to restaurants and medical clinics, the hackers sent many misspelt and incorrectly summarized copies of the same message. The afflicted websites displayed numerals in green on a black backdrop, evoking the film “The Matrix,” and were accompanied by music with an aggressive tone. In the message, Sikh nationalists were ridiculed, and Canada was portrayed as a safe haven for terrorists. It was also pointed out that Prime Minister Trudeau made such assertions without providing any evidence to back them up. Tensions on the diplomatic front with India These attacks occurred when relations between Canada and India were severe.
On September 26 in the morning, members of the Indian Cyber Force group boasted about their success on X, which was then known as Twitter, in making the website for the Ottawa Hospital inaccessible for some time.
The medical centre reported to Le Journal de Montreal that it had a “short interruption” of service and that an inquiry was being carried out to determine the cause of the service disruption.
There was no evidence of a security compromise at the centre. According to Hospital spokesperson Rebecca Abelson, the organisation takes security seriously and continues to monitor its many locations.
Similar to Russian hackers
The operations of the “Indian Cyber Force” are said to be quite similar to those of the Russian-speaking Telegram user NoName057, as stated in an article published in the journal La Presse in Canada. The report indicates that the two groups are using the same sort of attack and the same platform.
Since spring, this group has routinely claimed responsibility for Distributed Denial of Service assaults against websites belonging to the federal government, provinces, territories, and Canadian businesses.
In particular, the pages of Justin Trudeau, Hydro-Québec, and numerous Quebec ministries have borne the price in the aftermath of the visit of the Ukrainian Prime Minister to Canada in April, followed by a speech by Trudeau on the Russian invasion given at the G20 Summit in India two weeks ago.
According to Steve Waterhouse, a former chief of information security for the province of Quebec, who spoke with La Pressee, it is highly improbable that the Indian Cyber Force will be able to cause significant damage to the organisations it targets. He said that the only purpose of this action was to make Canada look bad.
The disruption of border crossings and airports on September 17 at the same time as a pro-Russian distributed denial of service attack is evidence that an episode of this kind can occasionally lead to more widespread issues.
In addition to the hacking of its website, the Canada Border Services Agency still needs to explain why the terminals failed. However, specialists have noticed that the organisation’s webpage has several links to other websites connected to databases that carry information on customs and borders and are, in turn, related to the malfunctioning terminals.
