Canadian province's networks hit by 'sophisticated cybersecurity incidents'

British Columbia, Canada’s westernmost province, said that it had identified “sophisticated cybersecurity incidents” involving government networks.

In a statement, the province’s premier, David Eby, stressed there was currently no evidence that sensitive information had been compromised. Investigations were ongoing, and more work was needed “to determine what information may have been accessed,” he said on Wednesday evening.

Although the specific nature of the attack has not been clarified, the description of it as “sophisticated” alongside the announcement that it involved government networks would align with espionage from a state-sponsored actor seeking political intelligence.

“I know the public will have many questions about these incidents, and we will be as transparent as we can without compromising the investigation,” Eby said.

The provincial government’s investigation includes the Canadian Centre for Cyber Security alongside other agencies, and the Office of the Information and Privacy Commissioner has been informed.

“As this complex work proceeds, government will provide British Columbians with updates and information as we are able,” said the premier.

It follows an official inquiry in the country that found China had unsuccessfully attempted to interfere in the country’s previous elections. Beijing denied the allegations.

Earlier this week, the Canadian Security Intelligence Service (CSIS) published an annual report including the warning that persistent Chinese interference in Canadian political affairs risked undermining the country’s democracy.

“Canada’s strong democratic institutions, advanced economy, innovative research sectors, and leading academic institutions make Canada an attractive target for cyber-enabled espionage, sabotage, and foreign influenced activities, all of which pose significant threats to Canada’s national security,” the report stated.

The report named China as a state-based threat, warning that its cyber actors “continue widespread cyber espionage against a range of sectors and targets within Canada, including government, academic institutions, private industry and civil society organizations.”

It also identified India in the report, citing “the deterioration in the bilateral relations” between the countries following the potentially Indian state-sponsored assassination of Sikh separatist Hardeep Singh Nijjar, which took place in British Columbia in 2023.

The CSIS report stated that to-date it had observed “low-sophistication cyber operations against Canada by India-aligned non-state cyber actors. There is no indication that the Government of India was responsible for these cyber incidents.”