Cyber Incident Victim: Government of Canada
Date:
Oct 2022
Location:
Canada
Summary
A cyber incident targeting Canadian government IT infrastructure prompted password resets for Members of Parliament, their staff, and multiple parliamentary agencies, alongside restrictions on certain internet-based services while critical functions remained operational. The breach, under investigation with support from national cybersecurity authorities, followed prior warnings about systemic vulnerabilities and hostile state-sponsored threats, though no confirmed account compromises were reported. This event occurred months after another significant attack on Global Affairs Canada and echoed parliamentary committee findings highlighting risks from foreign cyber espionage.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 5, 2022, a cyber incident targeting the Canadian government's information technology infrastructure was identified, prompting immediate security measures across parliamentary networks. The House of Commons administration, through Speaker's Office communications manager Amelie Crosson, confirmed the breach affected all users served by House of Commons infrastructure, including members of Parliament, their staff, Senate personnel, Library of Parliament employees, Parliamentary Protective Service members, and staff of the Conflict of Interest and Ethics Commissioner. Critical parliamentary services remained operational, but internet-based services were partially restricted as mitigation continued through at least October 18. Between October 12-14, MPs received directives to change their email passwords, with follow-up alerts on October 14 reiterating the requirement for non-compliant users. Conservative MP Matt Jeneroux publicly expressed concerns about potential risks to sensitive information across all political parties' offices.
The Canadian Centre for Cyber Security acknowledged awareness of the incident and provided support to maintain critical government functions, though no specific attacker attribution or confirmed data compromise was disclosed by investigators. This incident followed a January 2022 cyber attack against Global Affairs Canada and aligned with August 2022 RCMP warnings to parliamentarians about persistent targeting by hostile actors. Parliamentary IT teams had previously distributed secured devices and cybersecurity training following earlier threats. The February 2022 National Security and Intelligence Committee report had identified systemic weaknesses in government cyber defenses, specifically highlighting risks from state-sponsored hackers from China and Russia seeking sensitive data. While Crosson stated no evidence indicated MP email account compromises, technology analyst Carmi Levy interpreted the password reset mandate as indicative of credential exposure requiring immediate authentication safeguards.