The Communications Security Establishment complex in Ottawa. Software that was supposed to remove identifying information from material the agency captured failed, meaning allies received data that Canadian laws say they should not see.The Canadian Press
Hackers hit the Canadian government's "natural-resources, energy and environment" sector almost as much as they do all other sectors combined, newly released numbers show.
Statistics released to Parliament this week show that government systems in this sector suffered 2,078 "system compromises" in 2016. This compares with 2,493 such compromises against all other federal government sectors during the same period.
These first-of-their-kind numbers were publicly released this week by a federal intelligence agency, the Communications Security Establishment (CSE), after a question asked in the House of Commons this fall.
The release of the statistics coincided with a mysterious, and mischievous, breach at the Department of National Defence. On Thursday afternoon, traffic from the "Forces.ca" recruiting site was routed to one of the Chinese government's main Web pages. "It is a serious situation on the surface of it," Public Safety Minister Ralph Goodale told reporters in Ottawa, adding that he didn't yet know precisely how it happened.
On Sept. 30, Conservative MP Matt Jeneroux had asked about what kinds of "cyberattacks" the government had suffered since Jan. 1.
Because there is no generally agreed-upon definition of what constitutes a cyberattack, the CSE responded with a list of "detected compromises" by 11 different federal sectors it has enumerated.
The CSE knows these numbers because, as an intelligence agency, it has the dual mission of protecting federal government computer systems while also spying on foreigners' communications for the government.
(Previously leaked documents indicate that the CSE spies on other countries' energy resources. For example, in 2013, the Canadian agency was revealed to have been mapping out data trails related to Brazil's Ministry of Mines and Energy, just as that country discovered new offshore oil reserves.)
The CSE statement says that of more than 4,500 known federal government computer-system compromises to date in 2016, it can identify only three known instances where data were actually stolen. None of this information was determined to have been classified as a state secret. These instances of data "exfiltration" from the government occurred once each within the natural-resources sector, the "security, intelligence and defence" sector, and the "government-administration" sector.
The CSE declined to name specific federal departments hit by hackers, preferring instead to aggregate them into 11 different sectors. The second-most-affected sector was "industry and business development," with 954 compromises. The third sector was "government administration," with 387 compromises.
The number of system compromises could be even higher, as it would not include cyberattacks that the CSE was unable to detect. The agency's statement did not address motivation.
Some hackers are merely mischievous, as evidenced during Thursday's apparent attack on the DND Web site. Yet others are involved in espionage, or are even out to sabotage critical infrastructure. The neutral "system compromise" language CSE used could refer to any of these scenarios.
Nor did the CSE speak to where such attacks are originating from. This is because, very often, the government cannot trace them back to particular adversaries.
Two years ago, however, CSE analysts gave the Conservative government information that indicated state-sponsored Chinese hackers were behind a crippling hack of the government's research arm. In response, the government took the unprecedented step of publicly blaming China for stealing secrets from the National Research Council.
While this sort of "naming and shaming" by Canada was a one-off event, dozens of federal departments have suffered similar attacks over the years. China is often among the usual suspects, given how it is known to dedicate hacking units of the People's Liberation Army to stealing technological secrets from the West.
The numbers released by the CSE do not speak to the number of hacks directed against private-sector entities in Canada. But after a visit to China last summer, Prime Minister Justin Trudeau directed his officials to discuss a potential accord that would serve to protect Canadian corporations.
While other countries have negotiated such agreements, there are no bilateral accords currently in place for Canada. "The U.S. and U.K. recently concluded agreements with China not to engage in, or support, the theft of intellectual property and trade secrets to gain economic advantage," Scott Bardsley, a spokesman for the Public Safety Minister, said at the time. "A similar agreement [with China] is a possible outcome."
With a report from Chris Hannay in Ottawa
Colin Freeze