Skip to main content
The Globe and Mail
Support Quality Journalism.
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(}function setPanelState(o){dom.root.classList[o?"add":"remove"](,dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); } //

The Communications Security Establishment complex in Ottawa. Software that was supposed to remove identifying information from material the agency captured failed, meaning allies received data that Canadian laws say they should not see.

The Canadian Press

Hackers hit the Canadian government's "natural-resources, energy and environment" sector almost as much as they do all other sectors combined, newly released numbers show.

Statistics released to Parliament this week show that government systems in this sector suffered 2,078 "system compromises" in 2016. This compares with 2,493 such compromises against all other federal government sectors during the same period.

These first-of-their-kind numbers were publicly released this week by a federal intelligence agency, the Communications Security Establishment (CSE), after a question asked in the House of Commons this fall.

Story continues below advertisement

The release of the statistics coincided with a mysterious, and mischievous, breach at the Department of National Defence. On Thursday afternoon, traffic from the "" recruiting site was routed to one of the Chinese government's main Web pages. "It is a serious situation on the surface of it," Public Safety Minister Ralph Goodale told reporters in Ottawa, adding that he didn't yet know precisely how it happened.

On Sept. 30, Conservative MP Matt Jeneroux had asked about what kinds of "cyberattacks" the government had suffered since Jan. 1.

Because there is no generally agreed-upon definition of what constitutes a cyberattack, the CSE responded with a list of "detected compromises" by 11 different federal sectors it has enumerated.

The CSE knows these numbers because, as an intelligence agency, it has the dual mission of protecting federal government computer systems while also spying on foreigners' communications for the government.

(Previously leaked documents indicate that the CSE spies on other countries' energy resources. For example, in 2013, the Canadian agency was revealed to have been mapping out data trails related to Brazil's Ministry of Mines and Energy, just as that country discovered new offshore oil reserves.)

The CSE statement says that of more than 4,500 known federal government computer-system compromises to date in 2016, it can identify only three known instances where data were actually stolen. None of this information was determined to have been classified as a state secret. These instances of data "exfiltration" from the government occurred once each within the natural-resources sector, the "security, intelligence and defence" sector, and the "government-administration" sector.

The CSE declined to name specific federal departments hit by hackers, preferring instead to aggregate them into 11 different sectors. The second-most-affected sector was "industry and business development," with 954 compromises. The third sector was "government administration," with 387 compromises.

Story continues below advertisement

The number of system compromises could be even higher, as it would not include cyberattacks that the CSE was unable to detect. The agency's statement did not address motivation.

Some hackers are merely mischievous, as evidenced during Thursday's apparent attack on the DND Web site. Yet others are involved in espionage, or are even out to sabotage critical infrastructure. The neutral "system compromise" language CSE used could refer to any of these scenarios.

Nor did the CSE speak to where such attacks are originating from. This is because, very often, the government cannot trace them back to particular adversaries.

Two years ago, however, CSE analysts gave the Conservative government information that indicated state-sponsored Chinese hackers were behind a crippling hack of the government's research arm. In response, the government took the unprecedented step of publicly blaming China for stealing secrets from the National Research Council.

While this sort of "naming and shaming" by Canada was a one-off event, dozens of federal departments have suffered similar attacks over the years. China is often among the usual suspects, given how it is known to dedicate hacking units of the People's Liberation Army to stealing technological secrets from the West.

The numbers released by the CSE do not speak to the number of hacks directed against private-sector entities in Canada. But after a visit to China last summer, Prime Minister Justin Trudeau directed his officials to discuss a potential accord that would serve to protect Canadian corporations.

Story continues below advertisement

While other countries have negotiated such agreements, there are no bilateral accords currently in place for Canada. "The U.S. and U.K. recently concluded agreements with China not to engage in, or support, the theft of intellectual property and trade secrets to gain economic advantage," Scott Bardsley, a spokesman for the Public Safety Minister, said at the time. "A similar agreement [with China] is a possible outcome."

With a report from Chris Hannay in Ottawa

Your Globe

Build your personal news feed

Hide info
  1. Follow topics and authors relevant to your reading interests.
  2. Check your Following feed daily, and never miss an article. Access your Following feed from your account menu at the top right corner of every page.

Follow the author of this article:

View more suggestions in Following Read more about following topics and authors
Report an error Editorial code of conduct
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to If you want to write a letter to the editor, please forward to

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies