Manitoba government websites crash was due to cyberattack: spokesperson

The unplanned service disruption that rendered government of Manitoba websites unreachable Thursday was the result of a cyberattack, a provincial spokesperson confirmed Friday.

The sites went offline at some point Thursday morning and were inaccessible for most of the day. At the time, a provincial spokesperson said the interruption was related to network and server infrastructure.

"While there were no initial indications it was a deliberate attack, as the investigation progressed it was determined the outage had been caused by external activity," the spokesperson said in an email Friday.

He added it "would be accurate to describe this as a cyberattack, but there has been no ransom demand."

Additional security measures have since been added and external experts have been brought in to review the province's safeguards, the spokesperson said. 

DDoS attack likely culprit: expert 

Government websites were down in several other jurisdictions Thursday, including Saskatchewan, Yukon, and Prince Edward Island.

Officials in those jurisdictions said attackers were using the so-called distributed denial of service, or DDoS, tactic.

That type of cyberattack essentially overwhelms a website with artificial traffic, forcing it to shut down to protect itself, said cybersecurity and technology analyst Ritesh Kotak.

"The easiest way to think about this is, just think of a physical building and you have one door," he said. 

"But imagine all of a sudden you have thousands of people trying to get in at the same time. The door essentially can't hold up."

The Manitoba spokesperson couldn't confirm whether a DDoS attack was behind the province's website crashes on Thursday.

But Kotak said "external activity" would imply a DDoS attack, unless there was an issue with a third-party vendor.

In this case, it appears that attackers were targeting public-facing websites in order to cause reputational damage, not trying to gain access to sensitive information or data, he said. 

"Why? Because you now need to investigate exactly what happened, you're going to have to put additional protocols in place. This stuff is not cheap," he said. 

"So that's why these hackers will mobilize and literally try to take down sites such as the provincial government websites."

DDoS attacks can very difficult to prevent, but there are things governments can do to protect themselves, such as ensuring any internal data is encrypted and having alerts in place to notify them immediately if any data is compromised, said Kotak.