Canadian Engineering Giant Targeted in Cyber Attack with Connections to Military Bases and Power Plants

Canadian engineering giant Black & McDonald has been hit by a ransomware attack, though they have refused to publicly comment on the incident. The Department of National Defence and other clients of the company have downplayed any impact or damage, with the Ontario Power Generation (OPG) conducting an immediate investigation and finding no impact on their operations.

Experts are concerned, however, as the attack on Black & McDonald represents a far greater threat to Canada's national security and critical infrastructure than the attack on Indigo Books & Music Inc. that occurred in February 2023. Details about the breach are scarce, but it was first reported to Defence Construction Canada, who handles contracts with companies for the support and maintenance of military bases.

Black & McDonald and its subsidiary Canadian Base Operators have several multimillion-dollar contracts with the Defence Department, and they also provide engineering and construction services for critical infrastructure projects. Cybersecurity officials have been warning for years about the need to strengthen Canada's cyber defences when it comes to critical infrastructure, with a data breach in Newfoundland late last year and other reported attacks on defence firms in the past year.

How to Protect Your Business from Ransomware Attacks

Chris Close, a cyber security expert from Cyber Sleuth Security, a leader in security operations, believes that businesses can protect themselves from ransomware attacks by taking proactive steps.

"Ransomware attacks are becoming increasingly common, so it's important for businesses to take the necessary measures to protect their data," said Close. "First and foremost, businesses should ensure that their security systems are up to date. This means making sure that all software and hardware is running the latest version and that any vulnerable systems have been patched."

Close also suggests that businesses create and maintain strong passwords for all of their systems and data. "Passwords should be long and complex enough to stymie any attackers," said Close. "Businesses should also educate their employees on best practices for password creation and management."

Finally, Close recommends that businesses back up their data regularly. "Data backups should be stored securely and offsite so that if the worst happens, businesses can restore their data without having to pay the ransom," he said. "That way, businesses can protect against the worst-case scenario and still maintain access to their data."

Source

Cyber attack hits engineering giant with contracts for military bases, power plants