
Canada's armed forces were no match for a sophisticated cyber-attack from China. The Canadian government has only recently regained control of its affected servers and started to restore them to operation.  (Source: Top News/AFP)

Sources close to the CSIS -- Canada's CIA equivalent -- say that the attack was part of operation GhostNet, the Chinese campaign that also penetrated U.S. and Indian government servers.  (Source: CSIS)
Government of Canada refuses to report how much information may have been lost

It's a well-known fact that hackers based out of China have been probing and attacking servers of the U.S. government and its contractors.  Often these attacks have been mildly successful in stealing quantities of information.  Now U.S. neighbor Canada appears to have become the latest victim of Chinese cyber-aggression.
Prime Minister Stephen Harper released a short statement on Thursday confirming that the government had encountered an "attempt to access" government information by foreign agents.  The government would not confirm where that attempt came from or what information may have been stolen.

But sources have told Canada's leading news network, CBC, that the attacks were traced to servers in China [report].  They add that the attack took at least two major government departmental sites offline and gained highly confidential classified information off government servers.

According to sources, the servers penetrated belonged to Canada's Finance Department and Treasury Board.  Those sources said the attackers stole key passwords (sounds like a phishing scheme) to gain access to the machine.  The sources say that the government is unsure whether servers containing Canadian citizens' tax and health records were compromised.

The attackers used a technique dubbed "executive spear-phishing".  Using that method they seized control of Canadian government officials’ individual machines via typical infection modes.  Once they had access, they began to send emails from the officials' computers, asking for passwords to various servers.  As the emails originated from a legitimate source, many government officials gave up these passwords.  States one source about the method, "There is nothing particularly innovative about it. It's just that it is dreadfully effective."
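The pattern described above defeats sender-based trust, because the password requests came from genuine internal accounts. As an added illustration (not part of the original article), the following Python mail-triage check flags credential requests by content no matter who sent them; the domain `dept.example`, the phrase list and the sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "dept.example"  # assumption: placeholder internal mail domain

# Wording that asks the reader to disclose a credential (illustrative, not exhaustive).
REQUEST_RE = re.compile(
    r"\b(send|reply with|provide|confirm|share|forward|need)\b"
    r"[^.?!\n]{0,60}\b(password|passphrase|credentials?)\b",
    re.IGNORECASE,
)

# Constructed sample messages; none come from the incident.
SAMPLES = [
    "From: Director <director@dept.example>\nTo: admin@dept.example\n"
    "Subject: Urgent\n\nI'm locked out. Please send me the password for the finance server.\n",
    "From: Director <director@dept.example>\nTo: admin@dept.example\n"
    "Subject: Budget meeting\n\nAgenda attached for Thursday.\n",
    "From: IT Desk <helpdesk@mail.invalid>\nTo: admin@dept.example\n"
    "Subject: Account check\n\nConfirm your credentials today to avoid suspension.\n",
]

def plain_text(msg):
    """Concatenate the text/plain parts of a parsed message."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    return "\n".join(p.get_payload() for p in parts
                     if p.get_content_type() == "text/plain")

def triage(raw, internal_domain=INTERNAL_DOMAIN):
    """Return (verdict, sender). Sender trust never clears a credential request."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    internal = sender.endswith("@" + internal_domain)
    if REQUEST_RE.search(plain_text(msg)):
        # An internal sender is the case the article describes: the account is
        # genuine but may be under someone else's control, so escalate it.
        return ("escalate-internal" if internal else "quarantine-external", sender)
    return ("deliver", sender)

if __name__ == "__main__":
    for raw in SAMPLES:
        print(triage(raw))
```
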

Michel Juneau-Katsuya, a security analyst and former officer with the Canadian Security Intelligence Service (Canada's equivalent of the CIA), went on the record to say that "all indications point at China" as the origin of the attacks.  He believes that the attack was orchestrated by China's semi-independent "patriotic-hackers" and was driven by China's view that Canada is "a land of opportunity to get natural resources that they need so, so much."

Despite being forced to shut down hundreds of servers in January after the leak was detected, Canada did its best to keep the incident quiet.  Meanwhile, Canada's Communications Security Establishment Canada (CSE), a little-known branch of the Canadian military, rushed to try to diagnose the extent of the attack and regain control.

The attacks are thought to be part of the broader GhostNet operation in China.  It is unknown exactly to what extent the hackers are cooperating with or endorsed by the Chinese government.  But it seems highly likely that they are receiving at least some support from the leadership of China, given that they remain in operation.

The attacks may be largely financially motivated.  While it is tempting to think that China's cyber-assault is a prelude to some sort of military activity, more likely the highly profit-driven nation is merely stealing valuable financial information with which to drive its GDP even higher.  The initially targeted Canadian government departments are evidence of this.

The uneasy question of how to deal with the superpower's cyber-aggression is one to which the international community has not yet found a good answer.


By RdBiker on 2/17/2011 10:58:01 AM , Rating: 2
Can't they do anything about this? I know it's impossible to make systems 100% safe so shouldn't the international community do (or at least try to do) something to stop China from committing these crimes?

I sure hope the US has their own hackers probing Chinese government systems in return...

RE: Goddammit
By woofersus on 2/17/2011 11:18:42 AM , Rating: 5
Sure, they could remind government officials with access to confidential and/or classified information should NEVER EVER EVER EVER SEND PASSWORDS IN AN EMAIL!!!!!!!!

This is basic stuff. User education has to be a primary concern here.

RE: Goddammit
By woofersus on 2/17/2011 11:19:39 AM , Rating: 2
Heh, by "should" I meant "to."

RE: Goddammit
By RedemptionAD on 2/17/2011 12:02:02 PM , Rating: 2
Modern schemes, you don't have to send it, just click open the email.

RE: Goddammit
By Chudilo on 2/17/2011 12:09:19 PM , Rating: 2
Password authentication to things is on the way out. It's about time we shifted to something more reliable like certificate exchange and encryption. This way human error could be eliminated.

RE: Goddammit
By woofersus on 2/17/2011 9:53:37 PM , Rating: 2
That's not what the article says happened. And while there are trojan attacks that can exploit vulnerabilities in browsers or email clients, it's actually extremely rare that anybody gets infected only by viewing an email no matter what people on Facebook are claiming about how their account got hacked. I did computer repair and basic network setup and maintenance for several years and by far the number 1 culprit was users that open attachments and click on links or fall for phishing scams. Sometimes they even intentionally install the offending software because a window popped up saying it would make their computer faster or some such thing.

Like I said, this isn't rocket science or advanced IT territory. It's right up there with "don't leave your laptop full of government secrets on the seat of your car with the windows down." I'm sure there were millions spent on all kinds of network security experts, but apparently not much on educating users on how to be safe online.

I understand these people got an email that appeared to be from a superior, but that's why they need to be educated on why that's not safe - just like you should all know that your bank will NEVER EVER ask you to verify your social security number in an email. It's extremely shortsighted not to be putting energy into that.

RE: Goddammit
By RedemptionAD on 2/18/2011 9:23:11 PM , Rating: 2
To attack a government computer they don't put forth the same system they would to attack a civilian computer. To target a gov level system you put a bit more on the backend that wouldn't get done for general public based attack. A few more steps to the dance so to speak. But it's just as invisible to the general government person running a computer.

RE: Goddammit
By Flunk on 2/17/2011 4:41:06 PM , Rating: 2
No, because they can't with conclusively proven that the Chinese government is responsible or even aware of these hacking attempts.

RE: Goddammit
By AnnihilatorX on 2/17/2011 6:45:36 PM , Rating: 5
shouldn't the international community do (or at least try to do) something to stop China from committing these crimes. I sure hope the US has their own hackers probing Chinese government systems in return...

So your points are:
1. Hacking is a crime
2. Chinese committed these crimes
3. You hope US go and commit the same crime as well

Isn't that very hypocritical?

RE: Goddammit
By mcnabney on 2/18/2011 11:14:26 AM , Rating: 2
We could always fall back on a more reliable method of discouraging attacks.

Like dropping bombs on cities.

That worked well in the past.

RE: Goddammit
By tim851 on 2/19/2011 3:04:53 AM , Rating: 2
Once you figure out the difference between Korea/Vietnam/Iraq/Afghanistan and China, you get why dropping bombs on cities might not be a very good idea...

RE: Goddammit
By wordsworm on 2/21/2011 8:05:33 PM , Rating: 2
You may not realize this but China's also got a nuclear arsenal, and adequate rocket technology to hit a satellite. Knowing this is the same as knowing that they can hit anyone on the planet with their nuclear bombs. Let's see if Canada can't pit its eight submarines, its pre 70s built airforce/navy (army too perhaps?) can't take on a modern China over a little cyber espionage?

I think if China's million standing army had nothing but sticks and stones they could defeat Canada's military.

RE: Goddammit
By Bloodknight on 2/18/2011 9:38:24 AM , Rating: 3
There is almost 100% solution .... do not connect those computers to a network which has internet... simple as that.

RE: Goddammit
By DougF on 2/18/2011 11:25:17 AM , Rating: 2
Don't know about you guys, but it's fairly obvious to me that playing only defense will cause you to lose, every time. And it seems that's all we are doing--playing defense. Why aren't there reactive systems that disable intruding computers? I realize many are from 'bot nets, but it would shut down that avenue when computers start getting smoked from fans that don't work or chips that become overclocked, or whatever, when a stuxnet version hits out at computers/servers that hack government (or anyone's) computer. And when someone's remote controlled computer dies, maybe they'll take better precautions to stop their computers from being used like that in the future.

If someone attacks my house, even if they are mistaken, or "programmed", or under someone's control, I have the right to defend myself through actions necessary to deter or possibly kill the intruder. Just putting "bad guys not wanted" doormats out, locks on the doors and windows, and peeking through the blinds isn't enough. I should do those things (depending on how safe my neighborhood is), but I also have the right/responsibility to terminate whatever is attacking me. I think that basic right should translate to my computers as well. If your dog is attacking my dog, I have the right to shoot your dog (I live in the country), I'm gonna try to shoo your dog away, I'll even try to use the hose or a BB gun to stop the attacks. But if the attacks continue, I have no qualms about killing the dog attacking my dog. The same principle should apply to computer attacks, no matter how far away the physical assets may be.

RE: Goddammit
By Ammohunt on 2/18/2011 5:51:19 PM , Rating: 2
Sure we can! just cut China off from the internet.

By torpor on 2/17/2011 11:35:16 AM , Rating: 3
No! Canada is peaceful! They have no weapons, you can't possibly...

RE: No!
By carniver on 2/17/2011 3:26:36 PM , Rating: 4
Security through obscurity doesn't work. Neither does security through lack of adversaries.

RE: No!
By torpor on 2/17/2011 5:38:50 PM , Rating: 4
Tell that to Alderaan.

RE: No!
By Omega215D on 2/18/2011 6:32:06 PM , Rating: 2
She said no. Should we still do it?


RE: No!
By bunnyfubbles on 2/17/2011 7:44:17 PM , Rating: 2
I heard they have a tank.

RE: No!
By DougF on 2/18/2011 11:03:59 AM , Rating: 2
...and it's full of maple syrup...mmmm.

RE: No!
By JediJeb on 2/18/2011 2:02:13 PM , Rating: 2
"Columbia is far too remote to provide an example of the power of our Supreme Hacking Weapon. Canada will be a much more effective demonstration of what this fully operational Battle Server can do."

"No! You can't!"

"Hack at will Commander!"

By chmilz on 2/17/2011 10:52:42 AM , Rating: 5
They got our maple syrup recipe.

RE: Damn!
By arazok on 2/17/2011 11:00:37 AM , Rating: 3

RE: Damn!
By Pirks on 2/17/2011 11:17:42 AM , Rating: 2

RE: Damn!
By Taft12 on 2/17/11, Rating: 0
RE: Damn!
By CarbonJoe on 2/17/2011 1:45:33 PM , Rating: 3
If by "tap" you meant "penis", then yes.

RE: Damn!
By darkpuppet on 2/17/11, Rating: 0
RE: Damn!
By Flunk on 2/17/2011 4:39:40 PM , Rating: 3
Wait, I thought this article said that they invaded computer systems in Canada, not England ;).

By dgingeri on 2/17/2011 10:57:37 AM , Rating: 2

RE: um....
By chmilz on 2/17/2011 11:15:48 AM , Rating: 1
Perhaps to steal the secrets of a working banking system, and our internal guide to foreign policy that makes us loved around the world. They tried to steal those from the US, but found nothing.

RE: um....
By Da W on 2/17/11, Rating: 0
RE: um....
By ClownPuncher on 2/17/2011 1:46:30 PM , Rating: 1
As a major oil supplier, I think most people would disagree with you.

RE: um....
By Da W on 2/17/2011 3:10:18 PM , Rating: 1
So by that same logic you would love Saudi Arabia and Irak?

RE: um....
By ClownPuncher on 2/17/2011 5:57:00 PM , Rating: 1
Nope, they provide a small fraction of oil purchased by my country. Canada, simply put, is a great trade partner with the US.

RE: um....
By messyunkempt on 2/22/2011 5:18:32 AM , Rating: 3
So by that same logic you would love Saudi Arabia and Irak?

Indeed! And also Iraq!

By saganhill on 2/17/2011 11:38:14 AM , Rating: 3
How can these users be so stupid as to send passwords via an email? In my company that's an offence that will get you fired.

RE: Uh?
By Dr of crap on 2/17/2011 12:30:55 PM , Rating: 4
The same way that today people still sent money to a hurt relative in Zimbabay so they can get to the states for treatment!

RE: Uh?
By bupkus on 2/17/2011 12:57:23 PM , Rating: 2

If the country is spelled wrong shouldn't that be some indication of fraud? I'm just sayin'.

Snowman Technology
By SpaceJumper on 2/17/2011 11:00:23 AM , Rating: 2
It could be the CIA agents operate in China wanting to gain access to the Canadian's Snowman technology, Alberta tar pond, and hockey scores.

RE: Snowman Technology
By nikon133 on 2/17/2011 2:53:49 PM , Rating: 3
And secret identities of Alpha Flight team!

Hey Canada, can you say BIOMETRICS?
By WIVORiley on 2/17/2011 12:45:41 PM , Rating: 2
If they went biometric, the user wouldn't even know the password to send in the first place. 'tards.

By tastyratz on 2/17/2011 3:46:48 PM , Rating: 3
There would just be a bunch of canucks without thumbs walking around

Wrong pic
By gmyx on 2/17/2011 11:29:05 AM , Rating: 2
Em... the Men in Red are not the armed forces - they are the RCMP, a national police force.

RE: Wrong pic
By n0ebert on 2/17/2011 12:07:28 PM , Rating: 2
I think that's the idea behind the joke.

By Suntan on 2/17/2011 11:28:52 AM , Rating: 3
Heard ring through the halls of the CSIS one morning…

“Hey Hoser, who logged onto our confuser, eh?”


Of course this happened.
By semiconshawn on 2/17/2011 3:41:15 PM , Rating: 1

Peter Griffin

RE: Of course this happened.
By Harywood on 2/18/2011 12:05:13 AM , Rating: 2
Yeah - you suck LOSER!

Reset passwords?
By nafhan on 2/17/2011 11:22:53 AM , Rating: 2
Between tax and health information, you'd probably have enough info to reset passwords (or create new accounts) on most banking and other websites.
Two factor authentication, people, please!
