Alert – Cybersecurity DDoS Notice

Kopiha Nathan
Cover art for cyber alert

Attention HIROC Subscribers:

As your proactive partner in safety, HIROC is sharing the following important notice:

Please share this Alert with your Information Technology (IT) team to ensure that potential cybersecurity risks are identified and addressed in a timely manner.

The Canadian Centre for Cyber Security has issued an Alert on the threat of a Distributed Denial of Service (DDoS) campaign targeting multiple levels of the Government of Canada, provinces and territories and the financial and transportation sectors. These activities have been spotted since September 13, 2023, targeting multiple levels of the Government of Canada, financial and transportation sectors. Government partners and supporting organizations outside of government have been requested to be vigilant and to help protect online services.

DDoS campaigns are a cyber attack tactic used by cyber criminals to disrupt online services by over-loading website servers with internet traffic which results in unavailable online services or crashing of websites.

Some subscriber organizations may maintain both internally managed as well as externally hosted networks and websites. HIROC recommends that subscriber organizations contact its website hosting services and/or internal Information Technology department to:

  • Inform them of the current DDoS campaign; and
  • Understand existing controls and gaps in security protection against potential DDoS attacks.

If your organization or your technology or financial services partner is impacted by a DDoS attack, please reach out to HIROC and report this incident as a claim as soon as possible.

The following are controls that can be implemented to reduce the impact of DDoS attacks (Protecting your organization against denial of service attacks, CCCS, 2022):

  • When enrolling into cloud and internet service providers, ensure DoS defence protection provisions are included within the service level agreement.
  • Train information technology system administrators to effectively identify potentially malicious traffic patterns, short-term and long-term protection strategies and associated implications (e.g. whitelisting, geo-blocking, etc.).
  • Monitor network and systems for suspicious traffic overload, slow network performance, unavailable or inaccessible website, or “inability to retrieve sensor data, or control critical processes of your ICS” (i.e. Industrial control systems).
  • Where appropriate, enroll in a protection service that detects abnormal traffic flows to the website, redirects malicious traffic away and allows clean traffic to the website.
  • Maintain up to date firewalls, anti-virus, anti-malware and intrusion detection and prevention solutions.
  • Ensure you have a robust and reliable data backup and recovery strategy.
  • Ensure your organization’s cyber incident response plan and disaster recovery plan include considerations related to potential DDoS campaigns.

Ensure those responsible for information security at your organization subscribe to security advisory services such as the ones noted below:

We Are Here For You!

In the event of a cyber loss, please contact Marnie MacPhee, Director of Claims at mmacphee@hiroc.com (416-730-3056), or HIROC’s Claims Department at newclaims@hiroc.com.

If you have any questions about this Alert, please reach out to me directly at knathan@hiroc.com (416-400-7971).

Thank you for your attention to this matter.

Reference