The RCMP is facing a serious cyber attack from an unspecified threat actor.
The Mounties told CBC News today that a “breach of this magnitude is alarming.”
“The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson for the RCMP said in a statement issued to CBC News.
“The quick work and mitigation strategies put in place demonstrate the significant steps the RCMP has taken to detect and prevent these types of threats,” CBC News was told.
UPDATE: On Friday afternoon, when this story was written, the RCMP’s main websites from headquarters in Ottawa didn’t appear to be affected. However on Sunday morning all of its main websites displayed an Error 404 message. The only site available was Contact page. Websites for provincial RCMP divisions such as British Columba, Alberta, and Ontario appeared to be working normally, but not websites for the RCMP in Nova Scotia and New Brunswick.
It could be a coincidence, but this week, Canada’s Communications Security Establishment — the government’s cybersecurity and electronic spy agency — urged IT departments to be vigilant for attacks, because Saturday is the second anniversary of Russia’s invasion of Ukraine. The worry is that Russian government threat actors or groups affiliated or sympathetic to Russia will mark the time by launching cyber attacks against nations supporting Ukraine.
The CSE said possible activity ranges from defacing websites and denial of service attacks to more serious activities.
Also this week, the RCMP was among the police forces credited with helping take down the LockBit ransomware gang.
In an email response to a query for more information, Marie-Eve Breton, an RCMP media relations officer, repeated the statement to the CBC that “while a breach of this magnitude is alarming, the quick work and mitigation strategies put in place demonstrates the significant steps the RCMP has taken to detect and prevent these types of threats.”
Asked in a follow-up email why the breach is of “magnitude” and “alarming,” whether it was serious enough to have destroyed hardware, or whether it was ransomware, Breton replied the Mounties are not in a position to provide further information, as its cyber and criminal investigations are ongoing.
“As previously stated, at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” she wrote. “Further, there are no known impacts on safety and security partners in Canada or abroad.”