TZUTC: -0500
MSGID: 1655.consprcy@1:2320/105 2d6b59b5
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
Canadian government claims hacktivists are attacking water and energy
facilities

Date:
Fri, 31 Oct 2025 15:24:00 +0000

Description:
Businesses operating ICS systems need effective communication and
collaboration," the Canadian government warns.

FULL STORY

The Canadian government has issued a new security alert warning of so-called
hacktivists targeting Industrial Control Systems (ICS). 

The report says the Cyber Centre and the Royal Canadian Mounted Police has
received multiple reports of incidents involving internet-accessible ICS. 

Among the reports were an attack on a water facility, in which the miscreants
tampered with water pressure valves and degraded the service for the
community.

How to secure the assets 

The report also mentions a Canadian oil and gas company, in which an 
Automated Tank Gauge (ATG) was manipulated into triggering false alarms. 

Finally, there was an attack on a grain drying silo in a Canadian farm, where
the attackers changed temperature and humidity levels. Luckily, the attack 
was caught on time, otherwise it could have resulted in potentially unsafe
conditions. 

ICS are computer-based systems used to monitor and control industrial
processes and critical infrastructure, including Supervisory Control and Data
Acquisition (SCADA) systems, Distributed Control Systems (DCS), and
Programmable Logic Controllers (PLC). 

By gaining access, cybercriminals can disrupt power grids, water supplies,
manufacturing lines, or transportation networks, causing widespread damage 
and safety risks. For hacktivists, exploiting ICS is a way to gain media
attention, discredit organizations, and undermine Canadas reputation, the
report further stated. 

The problem with ICS systems is in unclear division of roles and
responsibilities, the Canadian government stressed in the report, saying they
often create gaps which leave critical systems unprotected. 

To tackle the problem, businesses operating ICS systems need effective
communication and collaboration. 

That communication implies proper inventory, documentation, and protection of
internet-connected assets, as well as making sure managed services are
implemented securely, maintained throughout their lifecycle and based on
clearly defined requirements. 

It also means businesses should implement Virtual Private Networks ( VPNs ),
two-factor authentication ( 2FA ), and a strong active threat detection
system. 

Regular penetration testing and continuous vulnerability management are also
advised. 

======================================================================
Link to news story:
https://www.techradar.com/pro/security/canada-says-hacktivists-breached-water-
and-energy-facilities

$$
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 206 300 307 317 400 426 428 470 664
SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426