Get A Quote
Written by Cyber Threat Intelligence Unit on 15 September 2023

Defend Against Canada's Surge in DDoS Attacks

The estimated reading time is approximately 2 minutes.



Just months after the initial wave of Distributed Denial of Service (DDOS) attacks that began in early 2023, Canada has again found itself amidst digital aggression. The recent wave commenced on September 13th, leaving several crucial government and regulatory websites crippled over two days.

The affected websites, detailed below, include major entities from the Treasury Council Secretariat to provincial government websites like British Columbia.

Russian hacktivist groups are reportedly behind these attacks, specifically protesting Canada’s support for Ukraine. Significantly, the so-called DDOSia project, led by the elusive NoNames056(16), amplifies these attacks. DDOSia, an attack toolkit, offers individualized configurations to participants, incentivizing them with cryptocurrency payouts.

Contrary to the overt disruptions they cause, DDoS attacks aren't inherently destructive. Instead, their potency lies in their ability to overwhelm and divert, potentially acting as a smokescreen for more nefarious activities. By flooding servers with requests from bot-infested devices, they can knock a website offline or significantly impair its speed and responsiveness.

The politically charged motives underlying these attacks suggest that more are on the horizon.

For the institutions at risk, and indeed, for businesses and services everywhere, understanding and preparing for such assaults is vital.

Basic steps include:

  • Swift Response Protocols: Have a comprehensive plan that can be quickly implemented during an attack.
  • Infrastructure Defense: Implement measures that detect potential attacks and prevent them from causing undue harm.
  • Network Fortification: A well-configured network, updated regularly, can absorb and manage a barrage of unwanted requests.
  • Embrace Cloud Security: Adopt dedicated DDoS tools and cloud-based security solutions for an extra layer of protection.
  • Continuous Monitoring: Stay ahead of potential threats by employing technical monitoring and cyber threat intelligence solutions.

This episode is a stark reminder as the Canadian government scrambles to restore normalcy. In an era where geopolitical tensions can manifest in the digital realm, the importance of cybersecurity cannot be overstated.

If you would like more insights on the DDOSia project and the figures behind it, you can visit Sekoia's analysis.

Sept 13th:

  • Treasury Council Secretariat
  • Association of Securities Regulators in Canada
  • Quebec Financial Sector Authority
  • Quebec Economic Development Agency
  • Quebec Infrastructure Finance Company (SOFIL)
  • Secretariat of the Federation Council
  • Ministry of Economy and Innovation

Sept 14th:

  • British Columbia government website
  • Transport Canada
  • CAA - Canadian Motorists Association (traffic information site)
  • Prince Edward Island
  • Manitoba
  • Saskatchewan
  • Nova Scotia
  • Nunavut
  • Northwest Territories
  • Yukon
  • Canada Border Services Agency
  • Canadian Aviation Safety Agency
  • The website of the Canadian Senate was destroyed





For more information about Cyber Threat Intelligence

Related Posts