The Canadian Cyber Security Center has warned of the activities of a Chinese state hacking group that conducted a large-scale scan of a Canadian system. The attacks affected various sectors, including government institutions, democratic institutions, critical infrastructure, media and non-governmental organizations.
The Canadian Cyber Security Center reports that Chinese state-owned hackers, who pose a threat to national security, have been actively browsing a wide range of Canadian domains for several months. Although cyber intelligence is a widespread threat, the large-scale approach of this entity has revealed an increase in activity aimed at identifying vulnerabilities in many Canadian organizations and government structures. Canadian government organizations, federal political parties, parliamentary institutions, as well as critical infrastructure, defense, media and NGO organizations were the most affected.
Scanning is aimed at detecting possible vulnerabilities in systems. Although it does not indicate an immediate hack, it can be the first step in preparation for more serious actions. Scanning can be compared to checking the presence of security systems in a building, open doors or windows to find weak points for possible access.
The Canadian Cyber Security Center recommends that organizations use basic cyber security measures such as regular system updates, implementing multi-factor authentication and extensive logging to detect suspicious activity. It is also recommended that employees be trained to recognize phishing emails and suspicious messages. The Cyber Security Center continues to inform the public about potential threats and protect critical systems from possible attacks.