In February 2011, news sources revealed that theGovernment of Canada sufferedcyber attacks by foreign hackers using IP addresses fromChina. The hackers managed to infiltrate three departments within the government and transmit classified information back to them. The attacks resulted in the government cutting off internet access in the departments affected and various responses from both the Canadian government and the Chinese government.
In May 2010 a memo by theCanadian Security Intelligence Service (CSIS) from 2009 was released to the public that warned thatcyber attacks on Canadian government, university, and industry computers was showing growth in 2009 and that the threat of cyber attacks was "one of the fastest growing and most complicated issues" facing CSIS.[1]Minister of Public SafetyVic Toews stated in January 2011 that cyber attacks are a serious threat to Canada and that attacks on government computers have grown "quite substantial." In the fall of 2010 the federal government began to strategize ways to prevent cyber attacks and create response plans, which would include $90 million over five years in combating cyber threats.[2]
Auditor GeneralSheila Fraser has previously warned that the federal government's computer systems risk being breached. In 2002 she stated that the government's internet security was not adequate and warned that it had "weaknesses in the system" and urged improving security to deal with the vulnerabilities.[3] In 2005 she said the government still has to "translate its policies and standards into consistent, cost-effective practices that will result in a more secure IT environment in departments and agencies."[4]
The cyber attack was first detected in January 2011 and implemented as aphishing scheme. Emails with seemingly innocuous attachments were sent, supposedly by known public servants. The attachments containedmalware which infected the computer and exfiltrated key information such as passwords. This information, once sent back to the hackers, could then be used to remotely access the computer and forward the email (with infecting attachment) onto others in order to proliferate the virus.[5]
Affected departments includedTreasury Board and the federalFinance Department, as well as aDND agency advising the Canadian armed forces on science and technology.[6] Once detected, Canadian cybersecurity officials shut down all internet access from these departments in order to halt the exfiltration of information from hijacked computers. This left thousands of public servants without internet access.[5]
While the cyber attacks were traced back to Chinese IP addresses, there is "no way of knowing whether the hackers are Chinese, or some other nationality routing their cybercrimes through China to cover their tracks".[5]
When the attacks were detectedinternet access in the two departments was shut down to prevent stolen information from being sent back to the hackers. ThePrime Minister's office have only claimed the hackers made an "attempt to access" servers and did not comment further.[5] A spokesman for Treasury Board MinisterStockwell Day said there were no indications that any data related to Canadians was compromised.[6] CSIS officials have advised the government to not name China as the attacker and not talk about the attacks, while a government official stated Chinese espionage has become a problem for Canada and other countries.[7]
On February 17, Prime MinisterStephen Harper stated that the government has "a strategy in place to try and evolve our systems as those who would attack them become more sophisticated" and that cyber attacks are "a growing issue of importance, not just in this country, but across the world."[3] The same day, Stockwell Day also stated that the attacks weren't "the most aggressive [attack] but it was a significant one, significant that they were going after financial records."[8]
The Chinese government has denied involvement in the attacks. Foreign Ministry SpokesmanMa Zhaoxu said at a press conference on February 17 that the Chinese government opposes hacking and other criminal acts, saying that "the allegation that China supports hacking is groundless."[9]