Hackers Attack Canadian Government, Gain Access To Highly Classified Information

February 17th, 2011

Hackers Attack Canadian Government, Gain Access To Highly Classified Information

According to CBC News, an unprecedented cyberattack on the Canadian government, apparently from China, has given foreign hackers access to highly classified federal information and forced at least two key departments off the internet.

The attack, first detected in early January, left Canadian counter-espionage agents scrambling to determine how much sensitive government information may have been stolen and by whom. Highly placed sources tell CBC News the cyberattacks were traced back to computer servers in China. They caution, however, that there is no way of knowing whether the hackers are Chinese, or some other nationality routing their cybercrimes through China to cover their tracks.

The government initially issued a terse statement, passing it all off as merely an “attempt to access” federal networks. It has refused to release any further information. Sources have confirmed, however, that the attackers successfully penetrated the computer systems at the federal government’s two main economic nerve centres, the Finance Department and Treasury Board.

The hackers apparently managed to take control of computers in the offices of senior government executives as part of a scheme to steal the key passwords that unlock entire government data systems. It is unclear whether the attackers were able to compromise other departmental computer networks, including those that contain Canadians’ sensitive personal information such as tax and health records.

Once the attack was detected in early January, government cybersecurity officials immediately shut down all internet access in both departments in an attempt to stop stolen information from being sent back to the hackers over the net. The move left thousands of public servants without internet access, although officials in both affected departments report service has slowly been returning to normal since the attack.

The hackers, posing as the federal executives, sent emails to departmental technical staffers, conning them into providing key passwords unlocking access to government networks. At the same time, the hackers sent other staff seemingly innocuous memos as attachments. The moment an attachment was opened by a recipient, a viral program was unleashed on the network.

The program hunts for specific kinds of classified government information, and sends it back to the hackers over the internet.

Auditor-General Sheila Fraser, for one, first raised the alarm in 2002 when she warned “there are weaknesses in the system. “There are access controls that need to be fixed; there are a whole series of minimum security issues that are not being dealt with. There are vulnerabilities. Government needs to fix them.” Three years later, Fraser checked again and found not much had changed.

Credit: CBC.ca News

Share this item with others:

More on CyberInsecure:

Military US Base Systems In Afghanistan And Iraq Hit By A Virus, At Least One Classified Network Penetrated

Two Severe Flaws In Opera Browser

U.S. Government Contractor Northrop Grumman Suspends Remote Network Access, Raising Cyber Attack Suspicions

White House Network Hacked By Chinese On Multiple Occasions

Turkish Prime Minister Website Hacked In Prostest Of Pay Increase Proposal

Posted in Breaches And Incidents, Cybercrime, Data Theft, Hacked, Phishing, Targeted Attacks |

Print This Post

This entry was posted on Thursday, February 17th, 2011 at 4:47 am and is filed under Breaches And Incidents, Cybercrime, Data Theft, Hacked, Phishing, Targeted Attacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.