Print 49 comment(s) - last by messyunkempt.. on Feb 22 at 5:18 AM

Canada's armed forces were no match for a sophisticated cyber-attack from China. The Canadian government has only recently regained control of its affected servers and started to restore them to operation.  (Source: Top News/AFP)

Sources close to the CSIS -- Canada's CIA equivalent -- say that the attack was part of operation GhostNet, the Chinese campaign that also penetrated U.S. and Indian government servers.  (Source: CSIS)
Government of Canada refuses to report how much information may have been lost

Its a well known fact that hackers based out of China have been probing and attacking servers of the U.S. government and its contractors.  Often these attacks have been mildly successful in stealing quantities of information.  Now U.S. neighbor Canada appears to have become the latest victim of Chinese cyber-aggression.
Prime Minister Stephen Harper released a short statement on Thursday confirming that the government had encountered an "attempt to access" government information by foreign agents.  The government would not confirm where that attempt came from or what information may have been stolen.

But sources have told Canada's leading news network, CBC, that the attacks were traced to servers in China [report].  They add that the attack took at least two major government departmental sites offline and gained highly confidential classified information off government servers.

According to sources, the servers penetrated belonged to Canada's Finance Department and Treasury Board.  Those sources said the attackers stole key passwords (sounds like a phishing scheme) to gain access to the machine.  The sources say that the government is unsure whether servers containing Canadian citizens' tax and health records were compromised.

The attackers used a technique dubbed "executive spear-phishing".  Using that method they seized control of Canadian government officials’ individual machines via typical infection modes.  Once they had access, they began to send emails from the officials' computers, asking for passwords to various servers.  As the emails originated from a legitimate source, many government officials gave up these passwords.  States one source about the method, "There is nothing particularly innovative about it. It's just that it is dreadfully effective."

Michel Juneau-Katsuya, a security analyst and former officer with the Canadian Security Intelligence Service (Canada's equivalent of the CIA) went on the record to say that "all indications point at China" as the origin of the attacks.  He believes that the attack was orchestrated by China's semi-independent "patriotic-hackers" and was driven by China's view that Canada is "a land of opportunity to get natural resources that they need so, so much."

Despite being forced to shut down hundreds of servers in January after the leak was detected, Canada did its best to keep the incident quiet.  Meanwhile Canada's Communications Security Establishment Canada (CSE), a little known branch of the Canadian military rushed to try to diagnose the extent of the attack and regain control.

The attacks are thought to be part of the broader GhostNet operation in China.  It is unknown exactly to what extent the hackers are cooperating with or endorsed by the Chinese government.  But it seems highly likely that they are receiving at least some support from the leadership of China, given that they remain in operation.

The attacks may be largely financially motivated.  While it is tempting to think that China's cyber-assault is a prelude to some sort of military activity, more likely the highly profit-driven nation is merely stealing valuable financial information with which to drive its GDP even higher.  The initially targeted Canadian government departments are evidence of this.

The uneasy question of how to deal with the superpower's cyber-aggression is one that the international community has not yet find a good countering solution.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Goddammit
By DougF on 2/18/2011 11:25:17 AM , Rating: 2
Don't know about you guys, but it's fairly obvious to me that playing only defense will cause you to lose, everytime. And it seems that's all we are doing--playing defense. Why aren't there reactive systems that disable intruding computers? I realize many are from 'bot nets, but it would shut down that avenue when computers start getting smoked from fans that don't work or chips that become overclocked, or whatever, when a stuxnet version hits out at computers/servers that hack government (or anyone's) computer. And when someone's remote controlled computer dies, maybe they'll take better precautions to stop their computers from being used like that in the future.

If someone attacks my house, even if they are mistaken, or "programmed", or under someone's control, I have the right to defend myself through actions necessary to deter or possibly kill the intruder. Just putting "bad guys not wanted" doormats out, locks on the doors and windows, and peeking through the blinds isn't the enough. I should do those things (depending on how safe my neighborhood is), but I also have the right/responsibility to terminate whatever is attacking me. I think that basic right should translate to my computers as well. If your dog is attacking my dog, I have the right to shoot your dog (I live in the country), I'm gonna try to shoo your dog away, I'll even try to use the hose or a BB gun to stop the attacks. But if the attacks continue, I have no qualms about killing the dog attacking my dog. The same principle should apply to computer attacks, no matter how far away the physical assets may be.

"So, I think the same thing of the music industry. They can't say that they're losing money, you know what I'm saying. They just probably don't have the same surplus that they had." -- Wu-Tang Clan founder RZA

Most Popular ArticlesSmartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
UN Meeting to Tackle Antimicrobial Resistance
September 21, 2016, 9:52 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Update: Problem-Free Galaxy Note7s CPSC Approved
September 22, 2016, 5:30 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki