The group tasked with managing the lake and river techniques alongside the border between the U.S. and Canada for the final hundred years introduced Wednesday that it skilled a cyberattack following studies that ransomware hackers claimed to have stolen reams of knowledge.
The Worldwide Joint Fee (IJC) – guided by the 1909 Boundary Waters Treaty signed by each international locations – approves tasks that have an effect on the water ranges and flows throughout the border, investigates transboundary points and presents options.
On Monday, the NoEscape ransomware gang claimed it attacked the group – which has workplaces in Washington, D.C., Ottawa and Windsor – and stole 80 GB of contracts, geological information, battle of curiosity kinds and extra.
#NoEscape has listed the Worldwide Joint Fee. #ransomware 1/3 pic.twitter.com/MCQzSCbmUS
— Brett Callow (@BrettCallow) September 11, 2023
The gang gave the IJC 10 days to reply to their demand for a ransom. The group didn’t say how a lot cash it was demanding to unlock the information.
On Wednesday, an ICJ spokesperson confirmed that it was coping with a cybersecurity difficulty however declined to elaborate about whether or not regulation enforcement has been contacted or if the group was going through operational points.
“The Worldwide Joint Fee has skilled a cyber safety incident,” a spokesperson mentioned. “The group is taking measures to analyze and resolve the scenario.”
They didn’t reply to requests for remark about whether or not a ransom could be paid.
Since rising in Might, NoEscape hackers have taken credit score for assaults on Germany’s bar affiliation and Hawaiʻi Group School in addition to Australian firms, a hospital in Belgium, a producing firm within the US and one other manufacturing firm within the Netherlands.
Organizations just like the Worldwide Joint Fee and others centered round managing or legislating water techniques have change into a battleground for cybersecurity regulation this 12 months. State lawmakers and federal regulators are at present in courtroom over guidelines handed by the Environmental Safety Company (EPA) in March that add cybersecurity to annual state audits of public water techniques.
This week, the Cybersecurity and Infrastructure Safety Company (CISA) introduced that it could offer ingesting water and wastewater techniques free vulnerability scanning companies.
Water techniques can get weekly automated scans that can present a report on recognized vulnerabilities discovered on internet-accessible belongings, week-to-week comparisons, and mitigations.
“Ingesting water and wastewater techniques are important for our group’s wellbeing,” CISA said. “However they’re not resistant to cyberattacks.”
Recorded Future
Intelligence Cloud.
Be taught extra.
Jonathan Greig
Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than shifting again to New York Metropolis, he labored for information retailers in South Africa, Jordan and Cambodia. He beforehand lined cybersecurity at ZDNet and TechRepublic.
