Yukon gov’t, federal agencies investigating ‘unprecedented’ cyberattack that brought down website | CBC News
[ad_1]
The Yukon government, along with the Canadian Centre for Cyber Security and the RCMP’s cyber crimes division, is investigating an unprecedented cyberattack that brought down the territorial government’s websites and internal internet-based systems Thursday.
The distributed-denial-of-service attack, where an unusually-high amount of traffic is sent to a network in an effort to overwhelm it, began Thursday at midnight and is still ongoing, the government said in a news release Friday afternoon.
However, mitigation efforts such as putting websites behind a new firewall have been successful, according to officials, and approximately 90 per cent of services had been restored as of Friday morning.
The intent and orchestrator of the attack is still unclear at this point, Yukon government director of cyber security Noah Gehmair said in an interview.
However, he said the Canadian Centre for Cyber Security indicated that there appears to be a link to the denial-of-service attacks that occurred in other provinces and territories Thursday as well.
“So, there’s a good chance it was the same threat actor conducting this attack,” he said.
No private citizen information or government files are believed to have been compromised.
“The nature of a denial-service-attack is simply to make our services unavailable for use,” Gehmair explained.
“It’s more of what I would consider to be cyber-vandalism, in a sense, with no real lasting damage after it’s run its course.”
The Yukon government’s website typically gets between 10,000 to 50,000 requests-for-viewing an hour, but at the peak of the attack, was getting more than a million. While the government has seen denial-of-service attacks “on a much smaller scale” before, Gehmair said what happened Thursday was “unprecedented.”
“It seemed to be a very sophisticated and well-orchestrated attack — generally, our equipment is able to handle smaller-scale attacks,” he said.
“This was a little bit — something we weren’t quite prepared for.”
Besides the new firewall, Gehmair said his team has also introduced a number of new controls and filters on the government’s internet gateways that will help prevent similar attacks in the future. It’s also doing “cleanup activities” to get the remainder of affected websites back online while continuing the investigation into who was behind the attack, and why.
“My team’s been busy — we had a pretty, pretty long day yesterday… [but] we’re definitely seeing the light at the end of the tunnel now,” he said.
“So yeah, we’re doing much better compared to this time yesterday.”
[ad_2]