Canadian Ports and Energy Websites Hit by Pro-Russian Cyberattack

Cyberattack on Canada port websites — Canada's busy port of Halifax along with Montreal anf Quebec had their websites taken down by a cyberattack (Halifax file photo)

Three of Canadian’s primary eastern seaports were among the targets of a cyberattack apparently staged by a pro-Russian group that has also been targeting Canada’s energy infrastructure. The ports are reporting that the attacks were limited to a “denial of service” aimed at their websites and that none of their operations or internal systems seem to be impacted by the ongoing incident.

Canadian news outlet CBC News is reporting that attack began early on Wednesday, April 12, with the ports of Halifax, Montreal, and Quebec all saying that their websites had been targeted and crashed after they became overloaded in the “denial of service” attack. The ports' external sites appear to continue to be offline while CBC is now reporting that Quebec’s state-owned electricity provider Hydro-Quebec began experiencing a similar cyber assault on Thursday morning.

CBC reports that a pro-Russian hacking group known as NoName057(16) posted in a Telegram chatroom claiming responsibility for the attacks. The group said it was continuing to target Canadians.

“What is important is that our internal systems continue to operate normally and port operations have not been affected by this,” a spokesperson for the Port of Halifax told CBC. “Traffic continues to move through Port of Halifax.”

The Port of Montreal reported that its website went offline at 7:00 a.m. on Wednesday and the Port of Quebec also began experiencing an outage at around the same time. Port officials are saying that the attack has also been limited to their external pages and that this is no risk of a data breach.

It appears that it is not the first time that Russian groups targeted Canada’s infrastructure. Responding to reporters’ questions at the end of March, Prime Minister Justin Trudeau said “Canada’s energy infrastructure did not suffer any physical damage.” The questions were in response to a report that appeared in The New York Times which said the attack was cited in the recently discovered leak of confidential Pentagon documents mostly related to the war in Ukraine.

Ports and maritime infrastructure have increasingly become a target of hackers. The Port of Lisbon suffered a large data breach at the end of 2022. DNV was forced to take its ShipManager system offline for weeks by a cyberattack earlier this year impacting approximately 1,000 ships and more than 70 clients. It took the company two months to fully restore the system. In 2022, it was revealed that a cyberattack had caused the Port of South Louisiana to misappropriate $420,000, although they were later able to reduce the loss to $170,000 through reimbursements and reclaimed monies.

Last year, Gene Seroka, Executive Director of the Port of Los Angeles told the BBC that the number of cyberattacks on the port’s systems had doubled in the two years since the beginning of the pandemic. He estimated in July 2022 that the Port of Los Angeles was being targeted by as many as 40 million attacks a month.