Cyber Incident Victim: National Research Council of Canada

On March 18, 2022, Canada’s National Research Council (NRC) detected a cyber incident, prompting immediate mitigation actions and an ongoing investigation. The organization’s existing cybersecurity procedures and controls enabled a rapid response, though specific technical details of the attack were not disclosed. Several NRC applications were taken offline as a precautionary measure, resulting in service disruptions and reduced availability for an unspecified period. The NRC, Canada’s largest federal research and development organization, emphasized its constant vigilance against cyber threats given its scientific mandate. Christine Aquino, the NRC’s Director General of Communications, confirmed coordination with Shared Services Canada, the Treasury Board Secretariat, and the Canadian Centre for Cyber Security (CCCS) to address the incident. This event occurred two months after Global Affairs Canada experienced a similar cybersecurity disturbance on January 19, 2022.

The incident unfolded amid heightened cybersecurity advisories from Canadian and international agencies. On January 19—the same day as the Global Affairs Canada breach—the CCCS issued a bulletin urging critical infrastructure operators to guard against potential Russian state-sponsored cyber threats. While the NRC did not attribute the March 18 incident to any specific actor, its collaboration with CCCS aligned with broader defensive recommendations, including enhanced organizational vigilance and incident response planning. The U.S. and U.K. had concurrently warned their cybersecurity communities about Russian cyber activity, though no direct link to the NRC incident was established. Historically, the NRC faced a significant cyber attack in July 2014 attributed to Chinese hackers, which necessitated a full network shutdown. The 2022 incident underscored persistent risks to federal research infrastructure despite established mitigation protocols.