News Alert: Canadian national defence contractor victim of cyberattack

News Alert: Canadian national defence contractor victim of cyberattack

June 10, 2022

A contractor to the Canadian Department of National Defence (DND) based in Montreal, Quebec, has reportedly suffered a devastating cyberattack.

Earlier this week the DND confirmed reports that its contractor, CMC Electronics, had alerted the government that it has been the victim of "cyber breach related incident."

Procurement records show that CMC Electronics has been selected for millions of dollars of work for the Canadian Armed forces, mostly in the areas of engineer and research and development. The DND acknowledged that the company has received $19.5 million at part of 66 contracts since 2011.

“DND/CAF does not comment on the cyber or IM/IT approaches of third-party vendors; however, we recognize the importance of cyber security in defence and defence contracting,” a DND spokesperson told Global News.

The spokesperson also gave assurances that none of DND’s internal systems employ CMC Electronics technology, adding that the department is “continuing to monitor” the situation while ensuring both CAF and its own information is safeguarded.

CMC Electronics had reached out to Insurance Business magazine to confirm that the incident has been contained.

“On May 31, 2022, CMC Electronics (CMC) identified that an unauthorized third-party had gained access to our computer network and disrupted our operations in connection with a ransom demand. We proactively took steps to shut down our network to protect our systems and data. At this stage, we are confident that we have successfully contained the incident," the company said in an email statement.

CMC also confirmed in its statement that it has launched an investigation into the matter with "the assistance of outside cybersecurity experts," which includes "leading forensics specialists," and that it had reported the incident to relevant authorities.

"CMC takes the security of our systems and our customers’ data extremely seriously, and we regret any concern or inconvenience this incident may cause," the company prefaced.

At present there do not appear to be any indications that the parties responsible for the cyberattack have stolen any sensitive military information, some public reports suggest that the attack was allegedly carried out by a cybercrime gang known as “ALPHV” or “BlackCat.” An anonymous intelligence source told Global News that it is believed that the criminal group’s technology was developed by another group with direct links to Moscow.