Cyber Incident Victim: Canada
Date:
Sep 2023
Location:
Canada
Summary
A pro-Russian hacker group known as NoName conducted a denial-of-service cyberattack targeting multiple Quebec government websites, including those of the Treasury Board, securities regulator, Economy Department, and Investissement Quebec. The attack overwhelmed servers with traffic, causing temporary outages, though provincial authorities confirmed no evidence of compromised personal data. The incident aligns with NoName's previous activities, including an April attack on Hydro-Quebec's digital platforms, as part of broader campaigns against U.S. allies.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On September 12, 2023, the Quebec government experienced a distributed denial-of-service (DDoS) cyberattack targeting several provincial websites, causing temporary outages. The attack, which occurred between the evening of September 12 and the morning of September 13, overwhelmed government servers with excessive traffic, disrupting access to sites including the Treasury Board, the Autorité des marchés financiers (Quebec's securities regulator), the Economy Department, and Investissement Québec. Quebec Cybersecurity Minister Éric Caire publicly attributed the attack to the pro-Russian hacker collective NoName, noting the group's historical alignment with Moscow's geopolitical interests. The province's Cybersecurity and Digital Technology Department confirmed the incident's technical nature as a volumetric DDoS attack designed to crash systems through traffic saturation rather than breach data. Initial assessments indicated no evidence of data exfiltration or compromise of personal information stored on the affected systems. Service interruptions were described as temporary, with government IT teams working to restore access throughout Wednesday.

NoName claimed responsibility for the attack, continuing its pattern of targeting NATO-aligned governments, as seen in its April 2023 attack on Hydro-Québec's public-facing platforms. Minister Caire characterized the incident as disruptive but not destructive, emphasizing the absence of persistent system compromise. The attack coincided with heightened cyber activity by Russian-aligned groups amid geopolitical tensions, though no direct state involvement was alleged. Quebec's cybersecurity unit monitored the situation without activating provincial emergency protocols, reflecting their assessment of the attack's limited operational impact beyond temporary service degradation. Historical context provided by the Canadian Press noted NoName's prior targeting of U.S. and European critical infrastructure, framing the Quebec incident as part of a broader campaign against Western governments supporting Ukraine. The provincial government maintained public communications through unaffected channels while restoring services, with no reports of financial losses or secondary disruptions to dependent systems.
