Skip to main content

Beijing is denying that it is behind a cyber attack on Canadian government computers – an attack that has prompted Ottawa to step up security measures and stress that its financial secrets are safe.

"Computer hacking is a global problem," the Chinese embassy in Ottawa said in a statement Thursday. "China is also a victim. The allegation that the Chinese Government supports hacking is groundless and with ulterior motives."

The statement was made in response to a federal investigation of computers breached by an cyber attack, one that federal officials said emanated from Internet Protocol addresses in China.

Story continues below advertisement

This attack has prompted the Finance Department, Treasury Board and other departments to cut off some employees' access to the Internet.

Federal officials remained tight-lipped Thursday, but Treasury Board President Stockwell Day stressed that "every indication we have at this point is that our sensors and our cyber-protection systems got the alerts out in time, that the information doors were slammed shut."

Opposition parties said the attacks show the federal government has failed to heed repeated warnings to increase its cyber security. "They were taken by surprise," Liberal Leader Michael Ignatieff said. "They've had years to fix the situation."

How pervasive are cyber attacks?

They are a daily occurrence in Canada and the numbers are growing. Experts say hacking networks have grown a lot more sophisticated from the days when they just simply spammed everyone.

Now the trick is to target an organization's senior managers, by using e-mails that might tweak executive interests – and open doors that might otherwise remain shut.

Tricking a senior official into opening an infected document can allow hackers to breach firewalls, get inside intranets, compromise other users' identities – and, ultimately, steal documents.

Story continues below advertisement

This technique is known as "executive spear phishing."

How real is the risk?

Very real. Even systems controlled by multi-billion-dollar institutions – such as the Pentagon and Google – have been breached by adversaries whose whereabouts, aims and methods have proven very difficult to discern.

The Pentagon has said that it spent $100-million in six months in 2009 cleaning up damage caused by cyber attacks.

In Canada, the Conservative government last year announced a $90-million plan to better safeguard government networks over the next five years.

Some observers suggest the latest breach shows Ottawa needs to build up immune systems against future attacks. "I wouldn't call it a five-alarm fire, it's more like a fire drill," said one expert, who asked not to be named.

Story continues below advertisement

Who is behind the attacks?

Often, the usual suspects are China-based hacking networks.

While Beijing routinely denies supporting networks of hackers, Western intelligence officials tend to see the Chinese government as willfully blind to, complicit in, or even a sponsor of such attacks.

Overseas hackers can act as freelancers, for criminal gangs, or in support of the state. And frequently, hackers are working for a number of people at the same time.

What are they looking for?

The short answer is anything of potential economic value. This is what makes an attack on Treasury Board and Finance computers noteworthy.

Funding for every federal program, and proposals for new ones, pass through Treasury Board.

Not-yet-revealed information in the Finance Department's budget could potentially give the reader a leg up on market-moving information.

Canadian officials are taking great pains to suggest that nothing of consequence got grabbed in the attack. Regardless, the event shows there are plenty of places to snoop around inside the government for potentially valuable information.

Report an error Editorial code of conduct
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

If your comment doesn't appear immediately it has been sent to a member of our moderation team for review

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.