Canada: New attacks from China on two government departments

Canada: New attacks from China on two government departments

Summary: CBC/Radio Canada is reporting that attackers have successfully penetrated computer networks at both the Finance Department and the Treasury Board of Canada, with the first signs of the attack showing up in early January.

SHARE:
TOPICS: Security
12

CBC/Radio Canada is reporting that attackers have successfully penetrated computer networks at both the Finance Department and the Treasury Board of Canada, with the first signs of the attack showing up in early January. The crackers, following a familiar pattern, were first able to take control of computers of senior government officials and then moved to increase the plane of their attack by seeking credentials to government systems.

The CBC’s sources are attributing the attacks to originating IP addresses in China; however, that is not a clear cut sign that the attack source is actually in China which could be used as a proxy for another source of the attacks.

The only official response thus far has come from the Treasury Department, stating only that they had detected an unauthorized attempt to access their networks. As part of the incident response, once the attack was discovered Internet access at both departments was shut down in an attempt to cease the data exfiltration, affecting a few thousand public employees. Service is slowly returning according to the CBC report.

The building that formerly housed the Treasury Board.

The building that formerly housed the Treasury Board.

Confederation Building 3 by Douglas Sprott, CC 2.0

The Finance Department is responsible for planning the federal budget, designing tax policy, and developing regulations for Canada’s banking system. The Treasury Board is a Cabinet committee of the Queen’s Privy Council, responsible for federal civil service as well as serving as Comptroller General for Canada.

Attacks with espionage as their aim originating seemingly from sources in China have been not been far from the news lately. A number of firms and government institutions were breached in what was termed the Google Aurora attacks last year, the year before that the Ghostnet spy network was uncovered affecting embassies and government offices in some 103 different countries. Earlier this month, the FBI started an investigation into a series of attacks on oil, gas, and petrochemical companies in the United States.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

12 comments
Log in or register to join the discussion
  • Guys thx you foir using windows ....

    I hope that those moron in Ottawa will now make some drastic decision on how to protect there @ss

    It could be a good time also to cut all link with china ....well thx you guys but will stop all business with you .go get the rare metal elsewhere .


    at least now they will do something
    Quebec-french
    • RE: Canada: New attacks on two government departments

      @Quebec-french
      Knowing the Harper government, they will probably hire some evangelist so that they could all pray together and hope the problem goes away.
      MG537-23482538203179240121698430309828
      • hahahhahah that a good one man

        @MG537 <br>I dont know if you speak french but there a frightening news report made by Radio-Canada by Alain Gravel on his show inquest (enquete) Its call A la droite d'Harper would translate to ( Harper's left side). Its so weird. Faytene Sryskow ...... look at <a href="http://www.4mycanada.ca/" target="_blank" rel="nofollow"><a href="http://www.4mycanada.ca/" target="_blank" rel="nofollow">http://www.4mycanada.ca/</a></a> and other maniac website .... <br>Harper and Its friend are scaring the shiit out of me .....<br><br>DO be afraid of those moron they are religion danger
        Quebec-french
      • RE: Canada: New attacks on two government departments

        @Quebec-french ? la droite d'Harper would translate to something like "On Harper's right" - definitely not "left".
        MikeR666
      • sorry my bad

        @mike
        did you see the enquete show on RC very scary that we have those kind of people here too
        Quebec-french
    • RE: Canada: New attacks on two government departments

      @Quebec-french

      Most of that stuff is Unix and Sun Solaris.
      mswift@...
    • Blame it on Windows and not the incompetence of the Canadian government

      @Quebec-french
      There are many companies and orginizations that usWindows and do not get hacked, just as there are many Linux or Unix based systems in use that do get hacked.

      this is not the fault of an operating system, instead of the incompetence of the Canadian government to not take protecting their systems seriously, nothing more.
      :|
      Tim Cook
      • mister spock im so sorry your right

        @Mister Spock
        how i could make such a comment , please forgive me ....please ....

        the whole planet knows that MS is never wrong on anything .... praise ms how could have done something like that ....
        Quebec-french
  • RE: Canada: New attacks on two government departments

    @Quebec-french No I didn't see it. I only watch Enquete when I happen to be zapping and it's on. <img border="0" src="http://www.cnet.com/i/mb/emoticons/happy.gif" alt="happy">
    MikeR666
    • here mike enjoy

      @Mike (not Cox)
      http://www.radio-canada.ca/emissions/enquete/2010-2011/Reportage.asp?idDoc=133851 or
      http://www.radio-canada.ca/emissions/enquete/2010-2011/ look for the fev 10 2011

      please tell me what do you think about it
      Quebec-french
  • RE: Canada: New attacks on two government departments

    On port scanning a Microsoft client machine I noted that there were several ports open for listening. Now even with a thousand gateway/router firewalls in series connected to the internet this means those ports in the firewall are open to the LAN and that can effect everybody (ie. Linux systems etc too). I personally think client LANS should never have constantly listening app ports on the client machines so that the WAN firewall ports are blocking unwanted traffic on all ports. In other words if there is an open port at the WAN firewall then it is not really a firewall and especially if hacker ingenuity redirects to other ports at the client machines with an exploit. This is why I would put open port servers on a different gateway ip address than the clients. <br>Now consider another situation. My Linux gets hacked all the time which is probably due to a foolish abc job application. All I ever run is a browser with streaming video or audio from websites whose ip addresses are easy to guess and then spoof. My linux systems,I download, have the reject iptables rule that has the terms "related,established" as the filtering criteria. That means once I make the initial streaming connection, an easily guessed spoof stream of my streaming audio/video ip address can hold my netfilter firewall port open till the cows come home. Then some hacker known zero day exploit and they turn off or change the settings on my gufw firewall gui to annoy me. Imagine a pearl harbor like event with massive numbers of smart phones listening to streaming TV or NFL.com on superbowl day and a coordinated attack. They would be through the firewall and certainly would know an unknown exploit if they tried it;

    Clients should transmit a randomly generated password to the server in which the server is periodically required to verify or else the connection is automatically closed.<br>Bottom line lots of exploits would be reduced if firewall ports were closed by design out of the box and also if commercial firewalls had capabilities to override these naughty listening ports, at the WAN firewall and hopefully also by simple gui in the client OS firewall as well. It only takes one windows system to open several ports on a million Linux system LAN. One bad apple (not the company) spoils the whole bunch! I have already seen it multiple times on my home LAN with paranoid fresh reinstalls.
    linuxperson
  • RE: Canada: New attacks on two government departments

    It's attacks like these that actually strengthen web security by bringing to attention areas which hackers can exploit.
    J.S. - <a style="text-decoration: none; color: black;" href="http://www.the-toronto-realestate.com/">Toronto Homes</a>
    JSullivan00