Post

Hacktivists breach Canada’s critical infrastructure, cyber Agency warns

Posted
By ictsec.pl
1 min read

The Canadian Centre for Cyber Security revealed that hacktivists have repeatedly breached systems of the country’s critical infrastructure. Attackers tampered with industrial controls at a water treatment facility, an oil & gas firm, and an agricultural facility.

“In recent weeks, the Cyber Centre and the Royal Canadian Mounted Police have received multiple reports of incidents involving internet-accessible ICS,” reads the alert issued by the Canadian Centre for Cyber Security. “One incident affected a water facility, tampering with water pressure values and resulting in degraded service for its community. Another involved a Canadian oil and gas company, where an Automated Tank Gauge (ATG) was manipulated, triggering false alarms. A third one involved a grain drying silo on a Canadian farm, where temperature and humidity levels were manipulated, resulting in potentially unsafe conditions if not caught on time.”

Hacktivists exploit internet-facing industrial control systems (ICS) devices to gain attention, discredit organizations, and harm Canada’s image. Attackers aimed at compromising PLCs, SCADA, BMS, and IIoT systems, putting public safety at risk.

Each organization should maintain an up-to-date inventory of internet-accessible ICS devices, replace direct exposure with VPNs and two-factor authentication, and apply the Cyber Centre’s Readiness Goals to strengthen defenses. When exposure is unavoidable, teams should implement intrusion prevention systems, run regular penetration tests, and manage vulnerabilities continuously. Municipal and corporate leaders should work directly with vendors to ensure secure deployment, maintenance, and decommissioning of all systems. Critical infrastructure organizations are recommended to execute regular tabletop exercises to refine coordination and improve response to incidents. If they detect suspicious activity, organizations should report it promptly to the Cyber Centre or RCMP to support Canada’s nationwide effort to strengthen cyber resilience.

For the complete article, see: Security Affairs

🔗 Apply for our next conference in Kuala Lumpur on December 9th and 10th, 2025 with the passcode: “6f&%dX”.

INFRASTRUCTURE
CYBER SECURITY HACKTIVISM CRITICAL INFRASTRUCTURE
This post is licensed under CC BY 4.0 by the author.