Nicholas Kleespies

information technology in the news

In October 2025, the Canadian Centre for Cyber Security (Cyber Centre) and the Royal Canadian Mounted Police (RCMP) issued an alert called AL25-016, which warned that hacktivists had compromised several internet-accessible industrial control systems (ICS) in Canada. Affected systems included a municipal water facility, an oil and gas company’s tank gauge system, and a grain silo (The Register, 2025). These incidents show that ICS devices are increasingly targeted as critical infrastructure becomes more connected to the internet.

Industrial control systems manage processes like power generation and water distribution. The Cyber Centre’s alert said that hacktivists had accessed devices capable of connecting to the internet and changed parameters such as water pressure and tank readings (Canadian Centre for Cyber Security, 2025). These attacks were not highly sophisticated and were motivated by disruption and visibility rather than financial gain (The Register, 2025). ICS environments are usually vulnerable because many were designed decades ago with little regard for cybersecurity. These devices used to be independent and isolated from the internet, but are now often integrated with IT environments for monitoring and efficiency, creating new security risks (Cybersecurity Dive, 2025).

The central issue highlighted by these attacks is the absence of strong cybersecurity governance for critical infrastructure. Many systems remain directly accessible online, lack authentication, and are managed by small organizations such as municipalities or farms without dedicated cybersecurity staff (Canadian Centre for Cyber Security, 2025). Additionally, accountability among different government levels and private operators remains unclear. Sectors like water management, agriculture, and manufacturing often fall outside established regulatory frameworks, leaving major gaps in oversight. These events may prompt the development of stronger cybersecurity policies and legislation.

First, Canada could introduce mandatory cybersecurity standards for ICS operators, similar to the North American Electric Reliability Corporation’s Critical Infrastructure Protection (NERC CIP) standards in the United States. Policies like this would require asset inventories, network segmentation, access control, and regular vulnerability assessments. Second, mandatory incident reporting laws should replace the current voluntary approach, improving national awareness and response coordination. Third, policymakers could establish liability measures for operators that expose critical systems without proper security. Finally, federal programs could provide funding and guidance to help smaller operators meet baseline security requirements.

The main stakeholders include infrastructure operators, government agencies, and the public. Operators are responsible for securing their systems. The Cyber Centre and RCMP lead detection, coordination, and public guidance efforts, while provincial governments oversee local utilities. Equipment vendors must design stronger security controls into ICS devices. Cybersecurity professionals must bridge the knowledge gap and apply network defense principles to industrial settings. The public depends on these systems for essential services.

This incident shows a shift in the threat landscape. Hacktivists, rather than nations or cybercriminals, now have the capability to disrupt physical infrastructure. Because legacy ICS technology prioritizes uptime over security, implementing modern security protections is difficult and expensive, especially for small organizations. Canada’s fragmented regulatory system illustrates this issue, creating uneven protection across sectors. The Cyber Centre (2025) emphasized the need for clear communication, defined roles, and continuous assessment to strengthen national resilience.

For information professionals, the event underscores the growing need for interdisciplinary expertise. Cybersecurity practitioners must understand industrial processes, embedded systems, and safety mechanisms, not just digital networks. Responding to incidents in ICS environments requires an understanding of both cyber and physical safety impacts.

From a societal perspective, the attacks demonstrate that cybersecurity failures can have real-world consequences for public health, the environment, and economic stability. Citizens expect reliable essential services, and policymakers must treat cybersecurity as a component of public safety.

In conclusion, the 2025 Canadian ICS incidents highlight a gap between technological modernization and the security frameworks meant to protect it. The core problem lies in legacy systems, weak oversight, and inconsistent standards across sectors. To close this gap, countries with these devices should adopt standards and enforce mandatory reporting.

References

Canadian Centre for Cyber Security. (2025, October 29). Alert – AL25-016: Internet-accessible industrial control systems (ICS) abused by hacktivists. Government of Canada. https://www.cyber.gc.ca/en/alerts-advisories/al25-016-internet-accessible-industrial-control-systems-ics-abused-hacktivists

Cybersecurity Dive. (2025, October 30). Canadian authorities warn of hacktivists targeting exposed ICS devices. https://www.cybersecuritydive.com/news/canadian-warn-hacktivists-exposed-ics-devices/804244/

The Register. (2025, October 30). Cyber-punks mess with Canada’s water, energy, and farm systems. https://www.theregister.com/2025/10/30/hacktivists_canadian_ics_systems/