Identifying information useful for cyber-attacks against Canadian critical infrastructure in online discussion forums

Critical infrastructures (CI) are connecting their systems to networks at an increasing rate, providing the opportunity for malicious actors to conduct cyber-attacks against these companies. In an attempt to understand the threats facing Canada's CI, information collected from online discussion forums was analyzed to discover frequently targeted CI companies and locations in Canada, the types of information shared within these forums, and who the main authors are in sharing threat-related posts. After analyzing IP addresses collected from 20 online discussion forums, the province of Quebec was identified as a hot-spot for cyber-threats, while the information and technology sector was targeted most frequently among sectors. A thematic analysis of posts containing keywords revealed that information useful for conducting cyber-attacks against CI is being shared within these forums. Lastly, findings from this study found two authors may be considered high-threat, in that the majority of their posts were threatening towards CI.