The International Joint Commission (IJC), an organization responsible for managing lake and river systems along the US-Canada border for a century, has reported a cyberattack, following claims by the NoEscape ransomware gang that it had stolen 80 GB of data. The IJC, guided by the 1909 Boundary Waters Treaty signed by both countries, plays a crucial role in approving projects affecting water levels and flows across the border, investigating transboundary issues, and offering solutions.
On Monday, the NoEscape ransomware gang announced that it had targeted the IJC, which maintains offices in Washington, D.C., Ottawa, and Windsor. The group asserted that it had stolen contracts, geological files, conflict of interest forms, and other data from the organization. The ransomware gang provided the IJC with a 10-day deadline to respond to its ransom demand, without specifying the amount of money they were seeking to unlock the stolen files.
As of Wednesday, an IJC spokesperson acknowledged a cybersecurity incident but did not provide details about whether law enforcement had been contacted or whether the organization was experiencing operational disruptions. The spokesperson stated, "The International Joint Commission has experienced a cybersecurity incident. The organization is taking measures to investigate and resolve the situation." However, they did not address queries regarding the potential payment of a ransom.
NoEscape hackers have gained notoriety since emerging in May, claiming responsibility for attacks on various targets worldwide, including Germany's bar association, Hawaiʻi Community College, Australian companies, a Belgian hospital, and manufacturing companies in the US and the Netherlands.
The incident at the IJC is part of a broader trend wherein organizations responsible for managing and legislating water systems have increasingly become targets for cyberattacks. This year, state lawmakers and federal regulators are embroiled in legal battles over rules enacted by the Environmental Protection Agency (EPA) in March, which require cybersecurity to be included in annual state audits of public water systems.
In response to these escalating threats, the Cybersecurity and Infrastructure Security Agency (CISA) recently announced its initiative to offer free vulnerability scanning services to drinking water and wastewater systems. These systems will receive weekly automated scans that provide reports on known vulnerabilities discovered on internet-accessible assets, offer week-to-week comparisons, and suggest mitigations. CISA emphasized the vulnerability of drinking water and wastewater systems to cyberattacks and the critical role they play in community wellbeing.
This incident involving the IJC serves as a stark reminder of the growing risks facing critical infrastructure organizations and the urgent need for heightened cybersecurity efforts, particularly in sectors responsible for managing essential resources such as water systems. Cyberattacks on such organizations have the potential to disrupt services, compromise sensitive data, and impact public safety, underscoring the significance of bolstering defenses against evolving cyber threats.
A Data Breach is a situation in which information security has failed, enabling sensitive data of any kind to be accessed by unauthorized individuals despite whatever protections were in place. Data breaches have become a particular concern in recent years because such stolen data is often subsequently distributed widely, in particular on the dark web, where it is often aggregated and sold for illicit activity, identity theft, or further cyberattacks of various kinds.