December 2, 2023

A cyberattack suspected to be carried out by a pro-Russia hacking group reportedly resulted in widespread service disruptions at a number of Canadian airports.

The Canada Border Providers Company (CBSA) confirmed to Recorded Future Information that the connectivity points that affected check-in kiosks and digital gates at airports final week are the results of a distributed denial of service (DDoS) assault. Such assaults work by flooding techniques with junk site visitors, disrupting their operations.

CBSA’s spokesperson mentioned that they’d restored all techniques inside just a few hours.

The Montreal Airport Authority (ADM) advised the Canadian newspaper La Presse that a pc outage at check-in kiosks induced important delays within the processing of arrivals for over an hour at border checkpoints all through the nation, together with Montreal-Trudeau Worldwide Airport.

“We’re working carefully with our companions to evaluate and examine the state of affairs. The protection and safety of Canadians and vacationers is the CBSA’s high precedence,” mentioned CBSA. “No private info has been disclosed following these assaults.”

Late final week, Russian hacking group NoName057(16) claimed duty for cyberattacks concentrating on a number of Canadian organizations, together with CBSA, Canadian Air Transport Safety Authority, in addition to authorities and monetary establishments.

The Canadian Centre for Cyber Safety issued an alert warning native tech professionals and managers about “DDoS campaigns concentrating on the Canadian authorities, in addition to the monetary and transportation sectors.” A few of this exercise is linked to Russian state-sponsored cyber risk actors, together with NoName057(16), the company mentioned.

CBSA has in a roundabout way attributed the assault to NoName057(16). The company has additionally not disclosed how a DDoS assault managed to breach the pc system utilized by check-in kiosks at airports. This method is meant to be on a closed circuit, that means it shouldn’t be linked to the web, La Presse reported.

CBSA didn’t reply to Recorded Future Information’ request for remark.

NoName’s assaults on Canada

NoName057(16) is a bunch of pro-Kremlin hacktivists who orchestrate comparatively easy and short-lived DDoS assaults with the assistance of a whole lot of volunteers.

The group pronounces new targets on its Telegram channel each day, the influence on focused providers usually will depend on its safety measures.

Final week, NoName mentioned it launched its assaults on Canada in response to Prime Minister Justin Trudeau’s assertion that the nation would keep its help for Ukraine throughout its struggle with Russia.

“Each time Justin Trudeau takes the stage, someplace on the web, a number of Canadian web sites go down,” the hackers mentioned.

Another excuse cited by NoName for his or her assaults on Canada is the nation’s current euthanasia legislation, which is able to quickly embody people with psychological sickness.

“The NATO world has gone utterly loopy!” NoName mentioned. “We hit Canada, hoping to search out at the least a drop of widespread sense within the brains of its officers.”

This week, the hackers focused Denmark for supplying tanks to Ukraine, in addition to Estonia, Finland, and Bulgaria for what NoName sees as “anti-Russian” insurance policies.

The assault impacting Canadian airports wasn’t the one incident affecting the nation’s border authorities. Final week, a special hacking group known as NoEscape claimed duty for an assault on a corporation that oversees lake and river techniques alongside the U.S.-Canadian border. The Worldwide Joint Fee (IJC) initiated an investigation however didn’t touch upon whether or not the group was experiencing operational issues.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Be taught extra.

No earlier article

No new articles

Daryna Antoniuk

Daryna Antoniuk
is a contract reporter for Recorded Future Information primarily based in Ukraine. She writes about cybersecurity startups, cyberattacks in Japanese Europe and the state of the cyberwar between Ukraine and Russia. She beforehand was a tech reporter for Forbes Ukraine. Her work has additionally been printed at Sifted, The Kyiv Unbiased and The Kyiv Submit.