Skip to main content

In this Jan. 25, 2010 file photo, people use computers at an Internet cafe in Taiyuan, in north China's Shanxi province. Police in central China have shut down a hacker training operation that openly recruited thousands of members online and provided them with cyberattack lessons and malicious software, state media said Monday, Feb. 8, 2010.The Associated Press

A number of federal departments are struggling to deal with an outside cyber attack - including at the Department of Finance where officials are busy working on next month's budget.

According to senior federal officials, an attack that first became public at Treasury Board earlier this month also hit elsewhere in the federal public service, including Finance. An investigation into the attack is focused on Chinese IP addresses.

The officials also told The Globe and Mail that this isn't the first time Ottawa has had to deal with this type of attack.

A spokesman for Treasury Board President Stockwell Day confirmed the department detected an "unauthorized attempt" to access its computer networks.

"Officials responsible for security have taken appropriate action in response to the threat, in line with the Government Security Policy," said Jay Denney in an e-mail. "There are no indications that any data relating to Canadians was compromised by this unauthorized attempt to access the [department's] network."

Mr. Denney said employee access to the Internet remains limited, but would not comment on the specific details of the "security related incidents."

According to a CBC News report of the attack, hackers took control of computers in the offices of senior government executives in an attempt to steal passwords and access data. The report noted that the source of the attack does not necessarily mean that it is linked to the Chinese government.

Cyber threats to the Canadian government's computer infrastructure are growing all the time.

An ultra-secretive spy agency, the Communications Security Establishment Canada, is the main agency in charge of defending Canadian government systems from hackers. The Department of National Defence and Canadian Security Intelligence Service also play a role.

The Canadian government launched a formal cyber security strategy last year.

Canada's Auditor-General Sheila Fraser has been warning for years that the federal government's information technology systems risk being breached.

"The government has much work to do to translate its policies and standards into consistent, cost-effective practices that will result in a more secure IT environment in departments and agencies," she wrote in a 2005 report.

The Auditor General pointed out that many of the security co-ordination problems began at Treasury Board - the very agency whose computers have recently been breached by hostile hackers.

Wesley Wark, a security expert of at the University of Toronto's Munk School of Global Affairs, noted that defence and foreign affairs departments, and not budgetary agencies, are usually the most likely targets of hacker attacks by foreign governments.

"The government departments that seem worst affected don't seem to be the most obvious targets for a state-run cyber attack," he said.

He also noted that Canada's cyber security protocols were only adopted government-wide last fall, meaning it's only now that the "the bureaucracy has kind of a bureaucratic routine that it's meant to follow" in such cases.

Canada's spy services have long been sounding the alarm about Beijing's intelligence-gathering practices.

For example, last June, Richard Fadden, the director of the Canadian Security Intelligence Service, warned that several Canadian politicians had been unduly influenced by foreign powers - a remark that was widely seen to point the finger at the Chinese.

A few years ago it was reported that the Pentagon's own systems were infiltrated by China-based hacking networks. Last year, Google's Chinese systems were attacked, prompting U.S. Secretary of State Hillary Clinton to admonish China by saying that "countries or individuals that engage in cyber attacks should face consequences and international condemnation."

There has always been a question of whether Beijing, whose military is understood to have a formidable cyber war capability, encourages independent Chinese hackers to breach Western systems and institutions seen to be hostile to the one-party state.

In Beijing on Thursday, Chinese Foreign Ministry spokesman Ma Zhaoxu denied there was a China link to the hacking.

"What you mentioned is purely fictitious and has an ulterior motive," he told a regular news briefing when asked about the accusations.

"China attaches great importance to computer security and consistently opposes and cracks down on hacking activities according to relative laws and regulations," Ma added. "Hacking is an international problem and China is affected also."

With a file from Reuters