Staff member hospitalized after assault at B.C. maximum security prison
A corrections officer at B.C.'s only maximum security federal prison was taken to hospital after an assault earlier this month.
State-sponsored actors targeted security devices used by governments around the world, according to technology firm Cisco Systems, which said the network devices are coveted intrusion points by spies.
In a blog post Wednesday, Cisco named it "ArcaneDoor," and described the activity as an espionage-focused campaign carried out by "state-sponsored actors targeting perimeter network devices from multiple vendors." It also said it found victims globally, all of which involved government networks.
Cisco and the cybersecurity agencies of Canada, Australia and the United Kingdom are urging customers to patch devices quickly.
In a joint, separate advisory, the Canadian Centre for Cyber Security, Australian Signals Directorate's Australian Cyber Security Centre and the UK's National Cyber Security Centre said they've been monitoring malicious cyber activity since early 2024 that targets virtual private network services — known as VPNS — used by governments and critical infrastructure globally.
VPNs offer a private tunnel that lets workers log into office networks from home, among other uses.
"The capabilities are indicative of espionage conducted by a well-resourced and sophisticated state-sponsored actor," the advisory said.
The agencies noted the campaign was sophisticated and used "multiple layers of novel techniques.
Canada's Communications Security Establishment (CSE), the government agency responsible for information security, told CTV News it was too early to determine which, if any, state was behind the attack.
"It is important that Canada and its partners defend against all threats, whether attributed or not," a spokesperson wrote.
Claudiu Popa, CEO of Datarisk Canada, said the Canadian government has historically been a consumer of Cisco and pointed out how the company is one of the largest providers of network equipment.
"It's a huge concern for not just Canada, but any country around the world and their governments," Popa said, adding the attackers don't appear to be on a mission to use ransomware or cyber extortion.
"The attackers are specifically looking for information," he said.
According to Cisco, a customer first alerted the company of a possible threat in early 2024 but its investigation discovered "actor-controlled infrastructure" dating back to early November 2023, and most activity took place between December 2023 and early January 2024. Cisco found methods were being tested as early July 2023.
Calvin Engen, chief technology officer of F12.net, said every Cisco ASA (Adaptive Security Appliance) device is compromised. Despite issuing patches to protect against it, an actor may have already gained access to the device, Engen said.
"They could possibly have what's called a 'backdoor' that could allow them to stay within their organization. So, it's very paramount for all organizations that have these devices to properly go through and validate that they don't have a persistent threat actor in their environment," he said.
Canada's privacy commissioner is investigating a data breach at Global Affairs Canada involving a cyberattack on an internal network reported earlier in 2024.
Personal information of users, including employees, was compromised when unauthorized individuals accessed the department's virtual private networks.
CTV News reached out to Global Affairs Canada to ask whether it was affected by the Cisco attack.
"The Government of Canada deals with ongoing and persistent cyber risks and threats every day and takes appropriate measures to protect its systems and mitigate against these threats," a spokesperson told CTV News in an email.
"Given its profile, Global Affairs Canada has very proactive security monitoring in place, and takes cyber security and such incidents very seriously," the spokesperson continued, adding the agency isn't able to comment further due to "operational reasons."
"I think for Canadians, the most interesting thing… is will we ever learn what country was behind this particular attack? And that will tell us something," Beauceron Security CEO David Shipley said. "And whether or not the government would… ever formally attribute this attack will tell us something else. These are all really complicated things."
The tech company released software updates to address the vulnerabilities that were exploited, "along with clear guidance to enable customers to detect potential compromise, upgrade, and restore integrity to compromised devices running ASA or FTD (Firepower Threat Defence) software," a Cisco spokesperson told CTV News.
The spokesperson said users can be assured that the company has a history of earning customers' trust through engagement and transparency when facing issues with its products.
A corrections officer at B.C.'s only maximum security federal prison was taken to hospital after an assault earlier this month.
An Ottawa woman who raised more than $500,000 for cancer research at the Ottawa Hospital has died after a lengthy battle with pancreatic cancer.
Conservative House Leader Andrew Scheer won't say whether his party will scale back or fully scrap Canada's federal dental care program, despite new data showing nearly 650,000 Canadians have used the plan.
A scuffle between members of the groundbreaking alternative rock band Jane’s Addiction came amid 'tension and animosity' during their reunion tour, lead singer Perry Farrell’s wife said Saturday.
Donald Trump wanted to spend this week attacking one of Democratic rival Kamala Harris' biggest political vulnerabilities. Instead, he spent most of the week falsely claiming that migrants are eating pets in a small town in Ohio and defending his embrace of a far-right agitator whose presence is causing concern among his allies.
As we head into another respiratory illness season, here’s a look at where Ontario stands when it comes to COVID-19 and what you need to know.
CTV News Northern Ontario provides and update on the story of more than 1.5 million bees be lost earlier this summer.
It started with a melting glacier that set off a huge landslide, which triggered a 650-foot high mega-tsunami in Greenland last September. Then came something inexplicable: a mysterious vibration that shook the planet for nine days.
Labour talks between Air Canada and its pilots are approaching a midnight deadline, when either side could trigger the start of a shutdown for Canada's largest airline.
Two sisters have finally been reunited with a plane their father built 90 years ago, that is also considered an important part of Canadian aviation history.
A Facebook post has sparked a debate in Gimli about whether to make a cosmetic change to its iconic statue.
A Pokémon card shop in Richmond is coming off a record-setting month, highlighted by a customer opening a pack to discover one of the most sought-after cards in the world.
Abandoned homes line the streets of Lauder, a town that's now a ghost of what it once was. Yet inside, a small community is thriving.
Perhaps Saskatchewan's most famous encounter with Unidentified Aerial Phenomenon (UAP/UFO) – "The Langenburg Event" is now being immortalized in the form of a collector's coin.
It's been 420 days since 22-year-old Abbey Bickell was killed in a car crash in Burnaby, a stretch full of heartbreak for her family as they not only grieved her death, but anxiously waited for progress in the police investigation. Wednesday, they finally got some good news.
A Simcoe, Ont. woman has been charged with assault with a weapon after spraying her neighbour with a water gun.
The dream of a life on water has drowned in a sea of sadness for a group of Chatham-Kent, Ont. residents who paid a Wallaceburg-based company for a floating home they never received.
In 2022, Tanya Frisk-Welburn and her husband bought what they hoped would be a dream home in Mexico.