NEW From yearning for a change to cost of living, why some Canadians have left or may leave the country
For some immigrants, their dreams of permanently settling in Canada have taken an unexpected twist.
State-sponsored actors targeted security devices used by governments around the world, according to technology firm Cisco Systems, which said the network devices are coveted intrusion points by spies.
In a blog post Wednesday, Cisco named it "ArcaneDoor," and described the activity as an espionage-focused campaign carried out by "state-sponsored actors targeting perimeter network devices from multiple vendors." It also said it found victims globally, all of which involved government networks.
Cisco and the cybersecurity agencies of Canada, Australia and the United Kingdom are urging customers to patch devices quickly.
In a joint, separate advisory, the Canadian Centre for Cyber Security, Australian Signals Directorate's Australian Cyber Security Centre and the UK's National Cyber Security Centre said they've been monitoring malicious cyber activity since early 2024 that targets virtual private network services — known as VPNS — used by governments and critical infrastructure globally.
VPNs offer a private tunnel that lets workers log into office networks from home, among other uses.
"The capabilities are indicative of espionage conducted by a well-resourced and sophisticated state-sponsored actor," the advisory said.
The agencies noted the campaign was sophisticated and used "multiple layers of novel techniques.
Canada's Communications Security Establishment (CSE), the government agency responsible for information security, told CTV News it was too early to determine which, if any, state was behind the attack.
"It is important that Canada and its partners defend against all threats, whether attributed or not," a spokesperson wrote.
Claudiu Popa, CEO of Datarisk Canada, said the Canadian government has historically been a consumer of Cisco and pointed out how the company is one of the largest providers of network equipment.
"It's a huge concern for not just Canada, but any country around the world and their governments," Popa said, adding the attackers don't appear to be on a mission to use ransomware or cyber extortion.
"The attackers are specifically looking for information," he said.
According to Cisco, a customer first alerted the company of a possible threat in early 2024 but its investigation discovered "actor-controlled infrastructure" dating back to early November 2023, and most activity took place between December 2023 and early January 2024. Cisco found methods were being tested as early July 2023.
Calvin Engen, chief technology officer of F12.net, said every Cisco ASA (Adaptive Security Appliance) device is compromised. Despite issuing patches to protect against it, an actor may have already gained access to the device, Engen said.
"They could possibly have what's called a 'backdoor' that could allow them to stay within their organization. So, it's very paramount for all organizations that have these devices to properly go through and validate that they don't have a persistent threat actor in their environment," he said.
Canada's privacy commissioner is investigating a data breach at Global Affairs Canada involving a cyberattack on an internal network reported earlier in 2024.
Personal information of users, including employees, was compromised when unauthorized individuals accessed the department's virtual private networks.
CTV News reached out to Global Affairs Canada to ask whether it was affected by the Cisco attack.
"The Government of Canada deals with ongoing and persistent cyber risks and threats every day and takes appropriate measures to protect its systems and mitigate against these threats," a spokesperson told CTV News in an email.
"Given its profile, Global Affairs Canada has very proactive security monitoring in place, and takes cyber security and such incidents very seriously," the spokesperson continued, adding the agency isn't able to comment further due to "operational reasons."
"I think for Canadians, the most interesting thing… is will we ever learn what country was behind this particular attack? And that will tell us something," Beauceron Security CEO David Shipley said. "And whether or not the government would… ever formally attribute this attack will tell us something else. These are all really complicated things."
The tech company released software updates to address the vulnerabilities that were exploited, "along with clear guidance to enable customers to detect potential compromise, upgrade, and restore integrity to compromised devices running ASA or FTD (Firepower Threat Defence) software," a Cisco spokesperson told CTV News.
The spokesperson said users can be assured that the company has a history of earning customers' trust through engagement and transparency when facing issues with its products.
For some immigrants, their dreams of permanently settling in Canada have taken an unexpected twist.
Studies have shown that ultraprocessed foods can have a detrimental impact on health. But 30 years of research show they don’t all have the same impact.
Forging ahead with increasing Canada's capital gains inclusion rate 'sows division,' and is a 'shortsighted' way to improve the deficit, business groups are warning Finance Minister Chrystia Freeland.
An Ontario man considering having his driveway paved received a quote from a company for $7,000, but then, another paver in the neighbourhood knocked on his door and offered half that rate.
Stormy Daniels will return to the witness stand Thursday in Donald Trump's hush money trial as the defence tries to undermine the credibility of the porn actor's salacious testimony about their alleged sexual encounter and the money she was paid to keep quiet.
Amid evidence of rising breast cancer rates among young women in Canada, one Toronto startup is offering a contactless and radiation-free device that can help doctors identify suspicious changes in breast tissue. The company, Linda Lifetech, says this can lead to earlier detection of breast cancer.
Forecasters warned a wave of dangerous storms in the U.S. could wash over parts of the South early Thursday, a day after severe weather with damaging tornadoes and large hail killed at least three people in the region.
Toronto police say a man was taken into custody outside Drake's Bridle Path mansion Wednesday afternoon after he tried to gain access to the residence.
There is currently a whooping cough epidemic in Europe, with 10 times as many cases compared to the previous two years. While an outbreak has not been declared nationwide in Canada, whooping cough is regularly detected in the country.
The stakes have been set for a bet between Vancouver and Edmonton's mayors on who will win Round 2 of the Stanley Cup playoffs.
A grieving mother is hosting a helmet drive in the hopes of protecting children on Manitoba First Nations from a similar tragedy that killed her daughter.
A chicken farmer near Mattawa made an 'eggstraordinary' find Friday morning when she discovered one of her hens laid an egg close to three times the size of an average large chicken egg.
A P.E.I. lighthouse and a New Brunswick river are being honoured in a Canada Post series.
An Ontario man says he paid more than $7,700 for a luxury villa he found on a popular travel website -- but the listing was fake.
Whether passionate about Poirot or hungry for Holmes, Winnipeg mystery obsessives have had a local haunt for over 30 years in which to search out their latest page-turners.
Eighty-two-year-old Susan Neufeldt and 90-year-old Ulrich Richter are no spring chickens, but their love blossomed over the weekend with their wedding at Pine View Manor just outside of Rosthern.
Alberta Ballet's double-bill production of 'Der Wolf' and 'The Rite of Spring' marks not only its final show of the season, but the last production for twin sisters Alexandra and Jennifer Gibson.
A mother goose and her goslings caused a bit of a traffic jam on a busy stretch of the Trans-Canada Highway near Vancouver Saturday.