The Canadian government is publicly blaming China for a cyberattack on Ottawa’s premier scientific research agency, a rare rebuke that could chill relations ahead of an expected visit by Stephen Harper to Beijing this fall.
In an unusual step, the federal government’s chief information officer issued a statement Tuesday announcing that computers at the National Research Council (NRC) were penetrated by hackers and pointing the finger at “a highly sophisticated Chinese state-sponsored actor.”
Beijing, for its part, dismissed the “so-called ‘Chinese cyber intrusion’” and made a point of chiding Canada for the accusation. “We do not accept the groundless allegation of Chinese government’s involvement,” said Yang Yundong, a spokesman for the Chinese embassy in Ottawa.
“It is neither professional nor responsible to make groundless speculations and accusations,” Mr. Yang said.
The incident made for strained conversation in China Tuesday, where Foreign Affairs Minister John Baird was visiting to promote two-way trade.
Baird spokesman Adam Hodge said the foreign minister complained to the Communist Chinese leadership and had a “full and frank exchange” with his counterpart.
“The government takes this issue very seriously and we are addressing it at the highest levels in both Beijing and Ottawa,” Mr. Hodge said.
The incident cast a pall over Mr. Baird’s trip to China. The Canadian Foreign Minister took no questions from reporters in China Tuesday and Ottawa issued no statement about his visit, as it would normally do.
Mr. Harper is believed to be planning a visit to China in November to take place around the same time as an APEC leaders meeting.
Security expert Wesley Wark said he can’t recall Ottawa publicly pointing the finger at Beijing for past alleged hacking by agents of the Chinese government. “There was never any willingness on the part of the government to say, ‘This was China,’ but things have changed,” Mr. Wark said.
The Canadian government, Mr. Wark said, “can take some safety in numbers” in calling out China because so many others are doing so now.
He said there have been a recent “cascade of cases” where China is directly implicated in cyberattacks on private-sector firms and governments. In May, the U.S. charged five Chinese military hackers with cyberespionage against U.S. companies and a labour organization.
Federal officials refused to say what data was stolen in the cyberattack on the NRC, including whether the hackers got their hands on corporate secrets or intellectual property developed by companies.
Canada has been on guard against Beijing for years. In 2007, the head of Canada’s spy agency named China as this country’s top espionage threat.
This is not the first penetration of Canadian government computers by hackers from the People’s Republic of China. Past targets are believed to include Parliament Hill, the Finance Department and Treasury Board, the agency that tracks spending and priorities. In previous cases, government officials did not publicly lay blame for the attacks.
Corinne Charette, the federal government’s chief information officer, said this latest intrusion was discovered by the Communications Security Establishment Canada (CSEC), the country’s electronic spying agency.
She said the government doesn’t know if Chinese hackers made their way beyond the research council’s computers and into the federal government’s wide computer network.
Still, Ottawa has subsequently taken precautions to quarantine the research council’s computers. “The National Research Council’s networks have been isolated from the broader Government of Canada network as a precautionary measure,” Ms. Charette said.
The fact that hackers are still breaching Canadian government computers suggests spending by Ottawa on cybersecurity is not working. The federal government devoted more than $240-million over the past five years to guard against intrusions.
As recently as February, senior Canadian intelligence officials were being counselled by staff to avoid mentioning China as a source of digital espionage. As The Globe and Mail has reported, CSEC chief John Forster was advised by his staffers not to say anything of substance on the subject when he appeared at a parliamentary committee.