The “cyber incident” that was responsible for knocking the National Research Council (NRC) offline last year was of foreign origin, according to a news report.
“The Research Council has diligently considered the need for openness, accountability and transparency. In doing so the Council has thoroughly weighed the public interest for disclosure against the need to ensure security of its network and systems,” the Jan. 11 statement said.
However, a short internal report titled “Audit Of Cyber Incident Response” and obtained by Blacklock’s Reporter through Access to Information law confirmed that the “cyber incident” was a foreign attack.
However, the NRC invoked certain sections of the Access to Information Act in order to withhold some records.
“The head of a government institution may refuse to disclose any record ... that contains information the disclosure of which could reasonably be expected to be injurious to the conduct of international affairs, the defence of Canada or any state allied or associated with Canada,” reads section 15.1 of the law under the heading “International affairs and defence.”
300 Cyberattacks in 2021
Federal Treasury Board figures submitted to a House of Commons committee last year indicated that there were over 300 reported cyberattacks made against federal departments and agencies in 2021.“In the last year, there were a total of 308 cyber incidents reported. The Government of Canada works continuously to enhance cyber security in government services by preventing attacks through implementation of protective security measures, identifying cyber threats and vulnerabilities, and by preparing for and responding to cyber incidents to better protect Canada.”
The report also said that between March 2021 and January 2022, there were 358 reported “material privacy breaches.”
“At this time, reporting does not correlate cyber incidents and material privacy breaches,” it added.
