Alert – Cybersecurity DDoS Notice
Attention HIROC Subscribers:
As your proactive partner in safety, HIROC is sharing the following important notice:
Please share this Alert with your Information Technology (IT) team to ensure that potential cybersecurity risks are identified and addressed in a timely manner.
The Canadian Centre for Cyber Security has issued an Alert on the threat of a Distributed Denial of Service (DDoS) campaign targeting multiple levels of the Government of Canada, provinces and territories and the financial and transportation sectors. These activities have been spotted since September 13, 2023, targeting multiple levels of the Government of Canada, financial and transportation sectors. Government partners and supporting organizations outside of government have been requested to be vigilant and to help protect online services.
DDoS campaigns are a cyber attack tactic used by cyber criminals to disrupt online services by over-loading website servers with internet traffic which results in unavailable online services or crashing of websites.
Some subscriber organizations may maintain both internally managed as well as externally hosted networks and websites. HIROC recommends that subscriber organizations contact its website hosting services and/or internal Information Technology department to:
- Inform them of the current DDoS campaign; and
- Understand existing controls and gaps in security protection against potential DDoS attacks.
If your organization or your technology or financial services partner is impacted by a DDoS attack, please reach out to HIROC and report this incident as a claim as soon as possible.
The following are controls that can be implemented to reduce the impact of DDoS attacks (Protecting your organization against denial of service attacks, CCCS, 2022):
- When enrolling into cloud and internet service providers, ensure DoS defence protection provisions are included within the service level agreement.
- Train information technology system administrators to effectively identify potentially malicious traffic patterns, short-term and long-term protection strategies and associated implications (e.g. whitelisting, geo-blocking, etc.).
- Monitor network and systems for suspicious traffic overload, slow network performance, unavailable or inaccessible website, or “inability to retrieve sensor data, or control critical processes of your ICS” (i.e. Industrial control systems).
- Where appropriate, enroll in a protection service that detects abnormal traffic flows to the website, redirects malicious traffic away and allows clean traffic to the website.
- Maintain up to date firewalls, anti-virus, anti-malware and intrusion detection and prevention solutions.
- Ensure you have a robust and reliable data backup and recovery strategy.
- Ensure your organization’s cyber incident response plan and disaster recovery plan include considerations related to potential DDoS campaigns.
Ensure those responsible for information security at your organization subscribe to security advisory services such as the ones noted below:
- Canadian Centre for Cyber Security, Government of Canada
- Cyber Security Education & Centre of Excellence Unit, Ontario Government
We Are Here For You!
If you have any questions about this Alert, please reach out to me directly at firstname.lastname@example.org (416-400-7971).
Thank you for your attention to this matter.
- Cyber Centre statement on a distributed denial of service (DDoS) campaign targeting multiple Canadian sectors, September 15, 2023, https://www.cyber.gc.ca/en/news-events/cyber-centre-statement-distributed-denial-service-campaign-targeting-multiple-canadian-sectors
- Alert - Distributed Denial of Service campaign targeting multiple Canadian sectors, September 15, 2023, https://www.cyber.gc.ca/en/alerts-advisories/distributed-denial-service-campaign-targeting-multiple-canadian-sectors
- Protecting your organization against denial of service attacks, July 2022, https://www.cyber.gc.ca/en/guidance/protecting-your-organization-against-denial-service-attacks-itsap80100