愛污传媒

The discovery that Ontario鈥檚 main electricity distributor allegedly had an IP address compromised by Russian hackers is 鈥渁 wake-up call鈥� and should put Canadians on high alert for their personal cyber security, according to a technology analyst.

U.S. Homeland Security and the FBI found an IP address from Hydro One during an investigation into malicious cyber-activity allegedly linked to the hacking of the Democratic National Committee. Six other Canadian computer addresses were swept up in the digital search 鈥� including an IP address from an Alberta-based internet provider.

Hydro One told 愛污传媒 that the IP address was not connected to Ontario鈥檚 electricity grid and is 鈥渘ot an active IP address at Hydro One.鈥� The company added that it takes cyber security seriously and that there are no concerns that the province鈥檚 power system was compromised.

CTV technology analyst Carmi Levy says the finding is still a major cause for concern.

鈥淭his is very significant because it means whatever security processes are being used to secure that particular IP address 鈥� they are absolutely inadequate if they can be breached by a hacker and then compromised in some way,鈥� Levy told 愛污传媒.

Last week, U.S. officials found a malware code known as 鈥淕rizzly Steppe鈥� on a laptop belonging to one of Vermont鈥檚 two main electric utility companies. Homeland Security and the FBI later released a list of hundreds of IP addresses said to be targeted by malicious cyber activity.

Russia has denied any responsibility in the cyberattacks, and President-elect Donald Trump has cast doubt on the reports.

The alleged 鈥淕rizzly Steppe鈥� hack follows the pattern of a 鈥渮ombie attack鈥� in which a hacker remotely scours the internet for vulnerable computers, laptops, servers or networks anywhere in the world.

鈥淎nd then they use malware to infiltrate them, and then they launch attacks from there,鈥� Levy explained.

Since a zombie attack can be carried out remotely, it can be difficult to pinpoint a particular country or hacker involved.

鈥淚t also makes it more difficult to trace the attack back to the actual perpetrator,鈥� Levy explained.

IT security expert Jean-Francois Sauriol said it鈥檚 鈥渦nsettling鈥� to learn that a Hydro One IP address was named in the U.S. investigation, but he cast doubt on fears of an attack on Ontario鈥檚 electric grid and suggested that any major threats would鈥檝e been caught fairly quickly.

鈥淭hey鈥檙e a critical infrastructure organization. I suspect their protection mechanisms are quite robust,鈥� said Sauriol.

The Canadian links connected to the largescale U.S. investigation highlight the importance of securing all digital properties 鈥� even personal computers, Levy said.

鈥淚f a large utility can be compromised, then basically it means that anyone or anything can be compromised. Even if you are an individual with one laptop working out of your home, anyone is potentially targetable in this way. We should all be concerned. This touches all of us.鈥�

Ukraine鈥檚 power grid was hit by a sophisticated cyberattack in Dec. 2015 after three electric power companies were hit, causing a blackout for more than 225,000 customers.