Cyber Incident Victim: Davincys
Date:
Apr 2023
Location:
Canada
Summary
A cyberattack targeted Canadian government websites, including those of the Prime Minister and Parliament, causing temporary inaccessibility and performance degradation through a distributed denial-of-service (DDoS) attack claimed by the Russian group NoName. The group cited retaliation against Canada's foreign policy positions on Russia and China as motivation. Concurrently, Russian-linked hackers from the Zarya group reportedly infiltrated systems controlling Canadian pipelines, manipulating pressure settings and disabling alarms, though no physical damage occurred. Officials acknowledged the incidents as part of ongoing hybrid warfare tactics by Russian actors, emphasizing continued support for Ukraine despite the disruptions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On April 10, 2023, Canadian federal government websites, including those of Prime Minister Justin Trudeau and Parliament, experienced a cyberattack attributed to the Russian hacker group NoName. The attack coincided with the eve of Ukrainian Prime Minister Denys Shmyhal’s official visit to Canada. The House of Commons Administration’s IT support team detected an unusually high volume of network login attempts targeting external parliamentary websites early that Monday, degrading their performance. This distributed denial-of-service (DDoS) attack flooded the sites with connection requests to overwhelm servers, causing intermittent slowdowns and temporary inaccessibility. The Prime Minister’s website remained unavailable for approximately one hour. NoName claimed responsibility via Telegram, framing the attack as retaliation against Canada’s "russophobic initiatives" and criticizing Canada’s stance toward Russia and its ally China. The group sarcastically noted that while the Russia-China alliance would strengthen despite Canada’s policies, Canadian websites would not enjoy similar resilience.
The attack disrupted public access to government services but caused no permanent damage, consistent with typical DDoS outcomes. House of Commons spokesperson Amélie Crosson confirmed IT teams collaborated with partners to restore service performance while continuously monitoring the situation. During a joint press conference with Shmyhal, Prime Minister Trudeau dismissed the incident’s significance, asserting Russia’s temporary disruption of a government site would not deter Canada’s support for Ukraine. Shmyhal contextualized the incident as part of Russia’s broader hybrid warfare strategy. Separately, U.S. Pentagon documents reported by the Wall Street Journal indicated Russian hackers from the group Zarya had previously targeted Canadian energy infrastructure, allegedly penetrating pipeline control systems to manipulate pressure levels, disable alarms, and disrupt gas distribution. Trudeau clarified no physical damage occurred to energy assets, though the revelations underscored concerns about escalating cyber threats against critical infrastructure.