Peoples’ Liberation Army hacks government computers

“The hackers also targeted the House of Commons, specifically targeting MPs that have large Chinese constituencies, CTV reported Thursday evening.

“Officials traced the attack back to the Chinese embassy in Ottawa, CTV reported.

“Treasury Board President Stockwell Day said the security breaches were “significant” and targeted financial records.”

Cyber attack may have led to ‘significant information leakage’ expert says

Ottawa Citizen

Bradley Bouzane: February 17th, 2011

OTTAWA — Recent cyber attacks on numerous federal government networks may have gained access to massive swaths of information in a matter of seconds, a network systems expert said Thursday.

Although the nature of what was exposed to international hackers who tapped into the networks of the Department of Finance and Treasury Board was not disclosed by government officials, Eric Stewart, an independent network consultant, says the range of exposed electronic records is very broad.

“With the amount of bandwidth available to federal government systems, within a period of just a few short minutes (of exposure), there can be significant information leakage,” the Ottawa-based expert said.

“Those are huge pipes (hackers) have to the Internet and even in just a few seconds, if it was properly targeted — and it sounds like it was targeted — information of immense value could have been exchanged.”

The hackers also targeted the House of Commons, specifically targeting MPs that have large Chinese constituencies, CTV reported Thursday evening.

Officials traced the attack back to the Chinese embassy in Ottawa, CTV reported.

Treasury Board President Stockwell Day said the security breaches were “significant” and targeted financial records.

Day would not specify Thursday how long the hackers’ window of opportunity was open to access government information, but said the breach will not have any impact on the upcoming federal budget.

“It slows down your internal operations for a while because we had to immediately shut down certain parts of the network . . . but those are all in the process of being reopened and the budget is on track,” he said.

The Department of Public Safety, the federal department to which queries on the matter were referred, also would not give specific details on the breach or say if any sensitive information or other departments were compromised.

Although no defined motivation is known, Stewart said the attack — which some have linked to China — could be an attempt at a “nose-blooding” to embarrass Canada on the international stage.

Stewart said it’s likely government officials did not learn about the attack in real-time, which can be common when too much reliance is placed on the technology responsible for keeping networks safe.

He said more consistent education programs are needed for staff to practise stricter Internet guidelines to prevent viruses and other malicious programs from entering government servers through email and other means.

“I’m really not surprised because people do tend to lean very heavily on the technology,” Stewart said. “They think the blinking LED lights, the patch cables and the $80,000 firewall they bought is going to protect them, but the technology is only one pillar in network security. The other big pillar (is) the users.

“These intrusion-protection systems are only as good as the people who are monitoring them. Whether that’s in real-time, looking at events as they unfold, or post-event . . . that’s where I believe the weakness has been in this case. The technology is at the leading edge . . . but if nobody’s paying attention, it doesn’t matter what type of system you have. It’s not going to do the job.”

Day said the security breach — which forced both federal departments to make adjustments to employees’ online access while investigators determined the scope of the breach — was a substantial one, but not the worst seen by the government.

The attacks are believed to have happened more than a month ago. Day said similar attacks are common for all governments and likely will happen again.

“I wouldn’t say it’s the most aggressive (attack), but it was a significant one,” Day said Thursday. “They were going after financial records. Our alarm systems . . . went off in time and we were able to shut things down and protect information, but it shows we have to be constantly vigilant.

“We have every reason to think attempts like this (will) continue — it’s something all governments are subjected to,” Day said following an address to the Ottawa Chamber of Commerce. “As technology increases, the hackers become more rigorous and more robust and it just means we have to continue to make sure our defences are in place.”

Liberal public safety critic Mark Holland blamed the network violations on a lack of adequate government defences.

“The reality is our information systems are vulnerable,” Holland said. “We’ve been sitting without a proper security plan for years now. This government has been blasted by the auditor general . . . for their failures to implement a cyber-security plan. We need to see a full-scale plan in place now — we’ve waited far too long for this and it’s created vulnerabilities as are evidenced in this instance.”

The issue of network security in federal departments was raised in a 2005 report by Auditor General Sheila Fraser.

Fraser wrote that she was “concerned that, in many departments and agencies, senior management is not aware of the IT security risks and does not understand how breaches of IT security could affect operations and government credibility.”

Prime Minister Stephen Harper, however, said the government has taken steps to protect its information systems, but cited national security reasons for not discussing the newly surfaced breaches.

“Cyber-security is a growing issue,” Harper said in Toronto Thursday. “It’s an issue of importance, not just in this country, but across the world. We work closely with our allies in anticipating and dealing with cyber attacks and we do have a strategy in place to try and evolve our systems as those who would attack them become more sophisticated.”

In question period, Public Safety Minister Vic Toews said the government has made progress in protecting Canadian information networks with a multi-year plan.

“We know a secure cyberspace is vital to sustaining and building Canada’s economic advantage,” he said. “That’s why we’re investing $90 million over five years, including an increased investment in an around-the-clock information-protection centre to combat all types of hackers and cyber attacks.”

Holland said if it was confirmed the systems were compromised through official Chinese lines, the issue would cause a serious strain on relations between Canada and that country.

“These are serious breaches and we have to understand who’s behind them and we need the Chinese government’s co-operation,” he said. “If that’s not forthcoming, that’s going to cause tension.”

John Thompson, the executive director of the Mackenzie Institute, a Toronto-based defence and terrorism think-tank, speculated that given the size of the intrusion, the attack would have required a “significant investment of human resources and time, and the Chinese have been building up those human resources.”

Thompson suggested that the Chinese army’s dedicated regiments of cyber intelligence officers —who have been suspected of probing computers the world over — are a much more likely culprit than independent hackers or another nation using Chinese servers.

“The Chinese do this to everybody, including corporations and private citizens who are involved with China, partly because they’d like to know exactly what’s going on with who they’re dealing with,” said Thompson.

“In this case, they might have wanted an idea of what was in the upcoming budget so they could get some of their bond traders ready to take advantage. That’s the way they do business, and this is a new reality.”

No one at the Chinese embassy in Ottawa was available for comment on Thursday.

© Copyright (c) Postmedia News

See original here.

See the Mackenzie Institute website here.