Canadian Treasury and Finance Systems Hacked

Saturday, February 19, 2011



Canadian officials have confirmed that systems in the national treasury department and the department of finance have been compromised by hackers, according to reports.

Government systems is Canada, as in most nations, are regularly targeted in attempts to gain unauthorized access to sensitive information, but officials characterized this instance as being more serious that the norm.

"It was a significant one - significant that they were going after financial records," said Canadian Minister Stockwell Day, the president of the treasury board.

Though reluctant to provide any specifics on the the nature of the attacks or their level of success, officials initially seem confident that security protocols prevented the hackers from accessing the most sensitive of information in the systems.

"Every indication we have at this point is that our sensors and our cyber-protection systems got the alerts out in time, that the information doors were slammed shut," Stockwell said.

The Canadian Broadcasting Corp and other national media report the attackers used targeted spear-phishing methods to gain access to executive's computers.

The attackers then produced fraudulent emails that were sent out to numerous department staff which contained attachments infected with malware that would harvest data from the recipient's computers and transmit the information back to the attackers.

The systems in both the Treasury and Finance departments were isolated to prevent further damage while investigators worked to determine the extent of the systems breach.

The incident left thousands of Canadian civil servants without Internet access from their government offices, forcing many to either work from home or to seek access via local Internet cafes.

The use of home networks and public Wi-Fi access on such a large scale over the course of at least six weeks also presents some potential security concerns.

Reports indicate the IP addresses used in the attacks were traced to China, but there is no hard evidence yet that the attacks were state-supported.

Similar spear-phishing operations intended to infiltrate government systems have come to light in the United States. Fraudulent emails were sent in 2009 to five State Department officials contained malware-infested attachments.

British foreign secretary William Hague also recently issued statements confirming that government systems have been targeted by state-sponsored cyber espionage operations originating in China.

McAfee recently released a report titled "Global Energy Cyberattacks: Night Dragon” which detailed a long term systematic data stealing operation conducted against unnamed energy companies based in China.

Possibly Related Articles:
China malware Headlines Espionage hackers spear-phishing Treasury Department Canada
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked