Canadian spy agency says China hacked into National Research Council computers
29 July 2014
The Canadian government took the unusual step Tuesday of pointing fingers squarely at Beijing after a cyberattack on a prominent federal scientific research agency.
The federal government’s chief information officer, Corinne Charette, confirmed Tuesday that the National Research Council of Canada (NRC) was the target of a cyberattack from a “highly sophisticated Chinese state-sponsored actor.”
NRC refused to go into any detail about the attack Tuesday, but in a statement, the agency said it was working to contain the breach and improve its IT infrastructure — which has been isolated from the broader government network in the wake of an attack.
However, CTV News reported Tuesday night that NRC president John McDougall, in a conference call to employees, told them that “any information held in our systems, including employees’ personal information, may have been compromised. Client information and data may also have been compromised.”
While few cyberattack details have been released, the governing Conservatives appear certain where it originated. A spokesman for Foreign Affairs Minister John Baird, who was in Beijing on a trade mission Tuesday, said Baird had a “full and frank” discussion about the issue with his Chinese counterpart, Wang Yi.
“The government takes this issue very seriously and we are addressing it at the highest levels in both Beijing and Ottawa,” wrote Adam Hodge, a spokesman for Baird, in an email to the Star.
Calls to the Chinese Embassy in Ottawa were not returned Tuesday, but a spokesperson told the CBC that China does “not accept the groundless allegation of (the) Chinese government’s involvement in any cyber intrusion or attack.”
According to NRC officials, the breach was detected by the Communications Security Establishment of Canada (CSEC), the federal electronic espionage and security agency.
The NRC is one of Ottawa’s research and development agencies, partnering with industry to develop technologies designated as of “strategic and economic value” for Canada.
NRC’s research areas include, among other things, information and communications technology, the aerospace sector and the energy and mining industries. The agency also researched security and “disruptive” technologies.
The agency said the incident will affect its business operations, and said its updated IT system may take a year to put in place.
In May, the United States laid cyber-espionage charges against five Chinese military officials. According to U.S. officials, Chinese military hackers targeted the U.S. nuclear, solar power and metals industries’ trade secrets.
Jean-Philippe Vergne, an assistant professor at the Ivey School of Business studying online piracy threats, said these kinds of state-sponsored attacks have been occurring on a daily basis for years.
“It’s just a decision on the side of government organizations to reveal when it’s happening and choose appropriate times to make it public. But it’s a daily thing,” Vergne said in an interview Tuesday.
Vergne said the cyber attacks serve two purposes: to steal whatever secrets they can, and also to test the capabilities and vulnerabilities of other states’ electronic security.
Canada’s spy service, the Canadian Security Intelligence Service (CSIS), warned about the growing threat of cyber attacks in their most recent public report.
“Foreign intelligence agencies use the Internet to conduct espionage operations, as this is a relatively low-cost and low-risk way to obtain classified, proprietary or other sensitive information,” wrote CSIS Director Michel Coulombe in the agency’s 2011-2013 public report. “There have been a significant number of attacks against a variety of agencies at the federal, provincial and even municipal level. The Government of Canada, like those of other countries, witnesses serious attempts to penetrate its networks on a daily basis.”
Documents obtained by the Star reveal that Canada is becoming an increasingly popular target for hackers. In a 2013 report, Public Safety’s Canadian Cyber Incident Response Centre reported that in the first quarter of that year, Canada saw a 25-per-cent increase in the number of websites hosting malware — software designed to damage or gain access to other computers.
Citing a Websense study, the agency said the increase shows that Canada has become a “popular country of choice to host advanced malware for a number of reasons, including its lack of takedowns.”