B.C. minister says police probing government systems cyberattack - Action News
Home WebMail Friday, November 22, 2024, 04:48 AM | Calgary | -13.8°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
British Columbia

B.C. minister says police probing government systems cyberattack

Police are involved in the investigation into a sophisticated attempt to breach protected British Columbia government information systems, Solicitor General Mike Farnworth said Thursday.

B.C.'s public safety minister says no evidence of sensitive information being accessed or compromised

Minister of Public Safety and Solicitor General Mike Farnworth attends a press conference in the press theatre at legislature in Victoria, B.C., on Thursday, October 5, 2023.
Police are involved in the investigation into a sophisticated attempt to breach protected British Columbia government information systems, said Solicitor General Mike Farnworth, pictured here at an October 2023 press conference, on Thursday. (THE CANADIAN PRESS/Chad Hipolito)

Police are involved in the investigation into a sophisticated attempt to breach protected British Columbia government information systems, Solicitor General Mike Farnworth said Thursday.

But Farnworth, who is also B.C.'s public safety minister, said there was no evidence the cyberattack succeeded in accessing the information and there had been no ransom demand.

"I can tell you at this time there is no evidence of any sensitive information, such as health records for example, either being accessed or compromised," he said at the legislature. "I can confirm that this has not been a ransomware incident."

The Canadian Centre for Cyber Security and other agencies including police are involved in the investigation, Farnworth said of the incident that was announced late Wednesday by Premier David Eby.

The Canadian Centre for Cyber Security is part of Canada's national cryptological agency, the Communications Security Establishment, providing guidance, services and support to government on cybersecurity.

"It was a very sophisticated attempt and we've been told by the experts that the money that was spent in 2022 in terms of upgrades to the system had that not taken place, we would not even know the attempt was happening," Farnworth said.

The government cyberattack comes amid other incidents in B.C. in recent weeks. Hackers targeted B.C. libraries and demanded a ransom to not release user information last month, while retailer London Drugs was forced to shut its stores across Western Canada for more than a week after a cybersecurity incident.

London Drugs President Clint Mahlman said in an interview Thursday that the company had no evidence to suggest customer data was compromised, and he had no knowledge if the breach might be connected to the B.C. government incident.

Farnworth said Thursday the government learned of its own incident "recently," but would not say precisely when.

He acknowledged that B.C.'s Office of the Chief Information Officer sent a memo last week directing government employees to change their passwords. Farnworth said passwords were changed routinely, but "when something like this happens, passwords obviously get changed."

Todd Stone, Opposition B.C. United house leader, connected the password directive to the attack and asked why the government waited eight days to share details with the public.

A London Drugs sign.
The president of London Drugs said he had no knowledge if a cyber breach that closed its stores might be connected to the B.C. government incident. (Ben Nelms/CBC)

Farnworth said cybersecurity experts advised that the priority was protecting the system and its information before going public, something that could potentially increase vulnerability to attacks.

He said the government has no information about who may be responsible.

Mahlman, meanwhile, said he wouldn't share "details of any interactions with the threat actors" behind the London Drugs attack.

He said he didn't know why the company was targeted, but hackers with sophisticated methods were "constantly probing for weaknesses" of online systems.

Mahlman said the pharmacy and retail chain, which is based in Richmond, B.C.,had been preparing for such a situation for years, and they shut down immediately after the cybersecurity breach was discovered on April 28 in order to contain the threat.

Since then, Mahlman said London Drugs had been working with cybersecurity experts to "methodically go through every system" and bring them back online in a secure way.

"We won't reopen a system until we have the confidence that it is as good as we can possibly make it," he said.

WATCH| London Drugs president oncyberattack that shut down all of its stores

COO responds after hackers force London Drugs shutdown

24 days ago
Duration 7:54
London Drugs president and COO Clint Mahlman tells The Nationals Ian Hanomansing about the cyberattack that shut down all of its stores for days and how an outpouring of support from staff and the community helped the company navigate the crisis.

He said he was sorry the company couldn't release more details in the days after the incident, but they didn't want to give the attackers any leverage.

"The cybersecurity experts deal with these people all the time, and as such, they see certain behaviours from certain threat actors," he said.

Mahlman said hackers look at media reports about the cyberattacks, assessing whether the company is aware of the extent of the breach and its ability to recover.

"They use that information to either sustain their attack or leverage in some sort of way against the company."

London Drugs would not knowingly give hackers that leverage, Mahlman said.

"We apologize to the media and our customers that we couldn't have given more details that they want, but that's our commitment to the safety and security of our systems and our customers."

London Drugs said on Tuesday that all 79 of its stores in B.C., Alberta, Saskatchewan, and Manitoba had reopened, and Mahlman said it was a "very big step" to shut down its systems companywide to "contain and mitigate any potential damage."

Cybersecurity expert will give us practical advice on how we can protect ourselves from the hackers of the dark web.

"The level of sophistication and expertise of these international cyber-threat actors is significant," Mahlman said.

Mahlman said the investigation was ongoing with the help of cybersecurity experts from across the continent, and more work needed to be done to determine what information could have been accessed.

"We've never had to shut down all our stores before," Mahlman said. "I think the public may be shocked to know, and this is far from unique to London Drugs."