Hacktivists breach Canada’s critical infrastructure, cyber Agency warns

Canada’s cyber agency warns hacktivists breached critical infrastructure, altering industrial controls and risking public safety.

The Canadian Centre for Cyber Security revealed that hacktivists have repeatedly breached systems of country’s critical infrastructure systems in the country. Attackers tampered with industrial controls at a water treatment facility, an oil & gas firm, and an agricultural facility.

Canada’s Cyber Centre issued the alert to warn of new cyber threats and offer detection, mitigation, and support to affected organizations.

The attacks caused false alarms, disruption of operations, and leading to potentially dangerous conditions of the impacted systems.

“In recent weeks, the Cyber Centre and the Royal Canadian Mounted Police have received multiple reports of incidents involving internet-accessible ICS.” reads the alert issued by the Canadian Centre for Cyber Security. “One incident affected a water facility, tampering with water pressure values and resulting in degraded service for its community. Another involved a Canadian oil and gas company, where an Automated Tank Gauge (ATG) was manipulated, triggering false alarms. A third one involved a grain drying silo on a Canadian farm, where temperature and humidity levels were manipulated, resulting in potentially unsafe conditions if not caught on time.”

Hacktivists exploit internet-facing industrial control systems (ICS) devices to gain attention, discredit organizations, and harm Canada’s image. Attackers aimed at compromising PLCs, SCADA, BMS, and IIoT systems putting public safety at risk.

The Canadian cyber agency remarks that unclear roles and poor coordination often leave vital systems exposed. Governments, municipalities, and organizations must clearly define responsibilities, collaborate closely, and secure all services, especially in sectors like Water, Food, and Manufacturing where no cybersecurity oversight exists.

Each organization should maintain an up-to-date inventory of internet-accessible ICS devices, replace direct exposure with VPNs and two-factor authentication, and apply the Cyber Centre’s Readiness Goals to strengthen defenses. When exposure is unavoidable, teams should implement intrusion prevention systems, run regular penetration tests, and manage vulnerabilities continuously. Municipal and corporate leaders should work directly with vendors to ensure secure deployment, maintenance, and decommissioning of all systems. Critical infrastructure organization are recommended to execute regular tabletop exercises to refine coordination and improve response to incidents. If they detect suspicious activity, organizations should report it promptly to the Cyber Centre or RCMP to support Canada’s nationwide effort to strengthen cyber resilience.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacktivists, Canada)