OTTAWA – The National Research Council took down parts of its website after it was hit with a “cyber incident.”
A brief statement on the council’s main webpage Monday did not specify what kind of incident occurred or which applications had been taken offline.
In an email, a spokesperson said actions were taken immediately when the incident was detected on Friday.
“We are working closely with Government of Canada partners such as Shared Services Canada, the Treasury Board Secretariat and the Canadian Centre for Cyber Security in response to this incident,” media relations manager Matt Ellis said.
The council declined to comment further, citing an ongoing investigation. Questions about the nature of the incident were not answered.
However, Canada’s largest federal research organization has been targeted in the past.
In 2014, a Chinese state-sponsored actor stole more than 40,000 files, including intellectual property, research and business information from the council’s partners.
The debilitating attack cost more than $100 million to fix, and a number of government organizations were involved.
Those details came to light last month in a report by the National Security and Intelligence Committee of Parliamentarians, which found gaps in the country’s cyberdefences that could leave government agencies vulnerable to attacks.
The report cited several key weaknesses, including the fact that Crown corporations are not subject to Treasury Board cyber-related directives or policies, and are not obligated to obtain cyberdefence services from the government, placing their data at risk.
Crown corporations — and governments in general — are known to be highly attractive targets for cyberattacks, the report said.