KRG still in ‘recovery mode’ after June cybersecurity incident
‘Forensic audit’ planned to investigate what happened and find ways to strengthen system
Kativik Regional Government is still recovering from a cybersecurity incident that “crippled” its network back in June. (File photo by Jeff Pelletier)
Kativik Regional Government is still recovering from a cybersecurity breach that hit much of its communications network earlier this summer.
The incident was detected June 25 and for a week afterward, KRG’s internal phones and emails were shut down and communications between Nunavik’s 14 communities were at a standstill.
In a presentation to KRG’s council meeting Monday, administration director Daryl Combden told councillors the network is working well but still hasn’t fully returned to how it was before the breach.
“We were crippled to almost a standstill,” Combden said of the incident.
“KRG, along with external cybersecurity specialists, have been returning and have returned much of the KRG [information technology] infrastructure to a normal course of operations, but we are still in the recovery mode.”
Since the initial breach, KRG has sent staff to all Nunavik communities to make upgrades to cybersecurity infrastructure, Combden said.
He noted cyber attacks are becoming more common and that KRG is working to ensure the network is resilient and can withstand them.
“We’ve identified replacement infrastructure components that, once installed, will bring the KRG to a sufficient level of security to prevent against future threats,” he said.
“The attackers are getting more and more complex, brazen in their attempts, so we are trying again to stay one step ahead of them.”
In all the villages, Combden said, KRG has “installed advanced security monitoring tools on all user end points and devices.”
Stephen Grasser, the regional councillor for Salluit, asked Combden whether there was a significant leak of people’s personal data during the incident. He also wanted to know if it was a malicious or extortionist attack.
“As of this morning, I can tell you that we have 24/7 monitoring of any leaks and there’s no leaks as of now,” Combden said in response.
He said the cause of the incident remains unknown.
Combden told councillors a forensic audit is planned that will aim to answer questions about how the breach happened and what else can be done to prevent one from happening again.
“This audit will assist us [in] identifying the root cause of the incident, assess the impact and strengthen KRG’s security measures to prevent a similar incident from happening in the future,” he said.
I wonder if this was an inside job to divert attention of their lack or service providing? MPW sucks.
More than likely it is a competence issue.
It’s time for a seat sale , one way ticket for cleansing of the clutter at that building and attachments. Too many comfortable nothingness doing their namesake roles. Like many other buildings in kuujjuaq. One way tickets to the south should be discussed at next general gathering. Allowing them to give their department speech and departure speech as well.
Classic Legalt move. Stir up some BS in one hand so the public dont look at the other hand. Since the KRG is a branch of the QC gouvernment, I wonder if it was his direction to attack KRG systems LOL far fetched, not true… but yea, KRG is a lost cause.
“communications between Nunavik’s 14 communities were at a standstill”??
Where did Nunatsiaq news get that information?
No communications were affected except those to and from the KRG office in Kuujjuaq. Phone calls, emails, faxes, etc between the villages went on as usual. Hardly anyone noticed the lack of communication from KRG.