Cyber Incident Victim: Ontario
Date:
Apr 2023
Location:
Canada
Summary
Canadian government websites experienced a distributed denial-of-service attack claimed by Russian group NoName, citing retaliation for perceived anti-Russia policies, causing temporary service disruptions. Concurrently, Russian hackers reportedly targeted pipeline control systems to manipulate pressure and disable alarms, though no physical damage occurred. Officials confirmed monitoring and restoration efforts while acknowledging cyber operations as part of ongoing hybrid warfare tactics by Russia.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On April 10, 2023, Canadian federal government websites—specifically those of Prime Minister Justin Trudeau and Parliament—experienced a distributed denial-of-service (DDoS) attack attributed to the Russian hacker group NoName. The attack coincided with the eve of Ukrainian Prime Minister Denys Shmyhal’s official visit to Canada. NoName publicly claimed responsibility via Telegram, citing retaliation against Canada’s "Russophobic initiatives" and criticizing Canada’s stance toward Russia and its ally, China. The group flooded external parliamentary websites with an unusually high volume of network login attempts, degrading performance and causing intermittent accessibility issues. Prime Minister Trudeau’s website remained inaccessible for approximately one hour during the incident. House of Commons spokesperson Amélie Crosson confirmed the IT support team detected the anomalous traffic early on April 10 and collaborated with partners to restore service performance while continuously monitoring the situation. Trudeau dismissed the disruption during a joint press conference with Shmyhal, asserting that temporary website outages would not deter Canada’s support for Ukraine.
The incident occurred amid warnings of broader hybrid warfare tactics by Russia, including more destructive cyber operations beyond DDoS disruptions. Ukrainian Prime Minister Shmyhal emphasized that cyberattacks were a consistent element of Russia’s years-long hybrid warfare strategy. Separately, Pentagon documents reported by the Wall Street Journal revealed Russian hackers from the group Zarya had allegedly targeted Canadian pipeline control systems. According to these documents, Zarya claimed to Russian intelligence services that they infiltrated systems to manipulate pipeline pressure, disable alarms, and disrupt gas distribution—though Prime Minister Trudeau stated no physical damage to energy infrastructure had occurred. The House of Commons IT team maintained efforts to stabilize network performance amid the DDoS attack, which typically aims to overwhelm servers without causing permanent data loss or system destruction. Crosson noted some websites might experience brief slowdowns or outages during recovery operations.