'Chinese' hackers launch massive attack on govt

It was early January when the first signs of a cyber intrusion became evident at Canada's Treasury Board – the branch of government responsible for fiscal control and human resources. Within days, staff members in Ottawa were being ordered not to use the department's network connections.

For several mid-winter weeks, rumours swirled around the nation's capital that many of its employees were working from home or at coffee shops, wherever they could get internet access.

On February 17, Treasury Board President Stockwell Day confirmed many people's worst fears: his department, along with the Department of Finance, had been the target of a massive attack. The assault was “significant", he said, but added that security officials had quickly “slammed the door” on the intruders.

But no one is sure of the extent of the damage.

Hours after Day's admission, CBC News revealed that Defence Research and Development Canada – a civilian agency of the Department of National Defence – was also hit, and speculated that the damage didn't stop there.

While government officials were tight-lipped, Public Safety Minister Vic Toews told the New York Times that the forthcoming federal budget had not been compromised, a critical point because the future of the government is expected to hinge on the acceptance of its budget by opposition parties.

What is clear is that the hackers were using Chinese IP addresses, and entered the government networks by spear phishing downwards through layers of the bureaucracy.

They commandeered the email addresses of senior officials and infected the computers of lower-level public servants by sending viral PDF documents under the senior bureaucrat's name. As news of the attack spread, other government departments and agencies warned employees not to open email messages with webmail addresses, even if they recognized the sender's name.

The attacks gave credence to the warning of Canada's Auditor General Sheila Fraser, issued in 2005, that the federal government's networks had serious weaknesses.

Late last year, the Government said it will invest $C90 million ($A90 million) over five years in network security.

Critics said that the British Government will invest the equivalent of $1.1 billion over the same period, while the US earmarked $40 billion to its Comprehensive National Cybersecurity Initiative.

This article originally appeared at scmagazineus.com