B.C. government slammed for withholding information about cyber breach
B.C. United leader Kevin Falcon said the timing of the announcement was suspicious and aimed at burying bad news.
Article content
The B.C. NDP is under fire for waiting more than a week to tell the public that the government had been hit by a cybersecurity attack.
Premier David Eby announced at 6 p.m. Wednesday that the province had been the target of “sophisticated cybersecurity incidents” involving government networks, eight days after government employees were told to change and strengthen their passwords.
Advertisement 2
Article content
Article content
B.C. United leader Kevin Falcon said the timing of the announcement was suspicious and aimed at burying bad news.
“We know that for at least eight days, they’ve known that this was an issue,” Falcon said Thursday. “And (Wednesday) night, they quietly released a statement in the midst of the Canucks playoff hockey game, which is part of their pattern of always being secretive about things and not transparent.”
Provincial employees were advised early last week to immediately change their passwords and make them 14 characters long. B.C.’s Office of the Chief Information Officer at the time described that as part of the governments’ efforts to “routinely” update security measures.
Public Safety Minister Mike Farnworth said the government became aware of the threat recently, but refused to give an exact time.
He said technical security experts began working to protect the system right away.
“The challenge with going out right away and telling people that is the moment that you do that, if you haven’t secured everything, if you haven’t understood what’s taking place, you are then making the system more vulnerable to outside interference from people who are up to mischief,” he told reporters on Thursday.
Article content
Advertisement 3
Article content
Farnworth would not say if foreign actors are behind the attack.
There has not been a ransom demand, he said. “That’s one thing I can confirm, this has not been a ransomware incident.”
Farnworth reiterated Eby’s statement that there’s no evidence that any sensitive information, such as personal health records, have been accessed or compromised.
The premier’s office said the government’s online security firewall fends off 1.5 billion unauthorized access attempts to its online systems every day.
Eric Li, an associate professor at the University of British Columbia, Okanagan, who specializes in cybersecurity, said it’s particularly concerning when governments are victims of cybersecurity attacks because the sensitive information they possess for millions of British Columbians — including social insurance numbers, addresses and phone numbers — creates a serious risk of identity theft. However, Li had no criticism for how the government handled news of the cyber attack.
Li said artificial intelligence has got so sophisticated, that as soon as a government or company updates their security networks, the AI system immediately adapts to find other ways to hack in.
Advertisement 4
Article content
One can think of an online server, a treasure trove of personal data, as a house with many doors, Li said. When hackers come through one door, online security experts need to work to secure the other doors while also fixing the weakness that allowed the breach in the first place.
Farnworth said without an online security overhaul undertaken by the government in 2022, the security breach might have gone undetected.
The government is working with the Canadian Centre for Cyber Security and police agencies to investigate the incident.
The centre said in a statement it works closely with Canadian governments, police and national security officials and the private sector to help it protect against cyber threats.
The centre shares advice and guidance about cybersecurity best practices, threat bulletins about potential cyber risks and warning about potential compromised systems.
The Office of the Information and Privacy Commissioner has also been made aware of the breach.
Privacy Commissioner Michael Harvey was not available for an interview Thursday, but a spokesman for his office said the government has committed to providing updated information about the breach as it becomes available.
Advertisement 5
Article content
The office said public bodies are required to notify individuals, and report to the OIPC, about any privacy breaches that could be expected to result in significant harm.
Government staff received an email late Wednesday from Shannon Salter, head of the public service, informing them of the cybersecurity attack.
Farnworth said there’s no indication the cybersecurity breach is linked to the hacking incident that hit retailer London Drugs, forcing it to shut down stores for more than a week.
Falcon said the government’s slow approach at releasing information stands in sharp contrast to the way the cybersecurity incident was handled by London Drugs, which informed customers within days about the cyber hack and provided regular updates.
However, London Drugs president Clint Mahlman apologized that his company didn’t release information until several days after the incident, saying that was the approach recommended to avoid giving the attackers any leverage.
“The cybersecurity experts deal with these people all the time, and as such, they see certain behaviours from certain threat actors,” he said.
Advertisement 6
Article content
Mahlman said hackers look at media reports about the cyber attacks and assess whether the company is aware of the extent of the breach and its ability to recover.
with files from The Canadian Press
Bookmark our website and support our journalism: Don’t miss the news you need to know — add VancouverSun.com and TheProvince.com to your bookmarks and sign up for our newsletters here.
You can also support our journalism by becoming a digital subscriber: For just $14 a month, you can get unlimited access to The Vancouver Sun, The Province, National Post and 13 other Canadian news sites. Support us by subscribing today: The Vancouver Sun | The Province.
Article content