Malicious hackers who may be based in China managed to fool Canadian federal IT staff into providing access to government computers, leading to severe Internet restrictions at Treasury Board and the Finance Department, CBC News reported late Wednesday.
Although the government has so far offered little information on the breach, CBC said the attack first surfaced in January and cut off Internet access for thousands of public servants, although service has slowly been returning to normal. There has been no confirmation so far that Canadians' personal information has been compromised or lost.
In what the CBC described as an "executive spear-phishing" attempt, hackers used bogus e-mails to pass themselves off as senior executives to IT staff at the two federal departments and request passwords, while other staff received e-mails with virus-laden attachments.
In response to media reports, Treasury Board issued a brief statement admitting it had detected an "unauthorized attempt to access its networks," but provided no more details. "Employee access to the Internet has been limited for the time being," said spokesman Jay Denny.
The Toronto Star said former federal CIO and Treasury Board secretary Michelle d'Auray has asked staff for a list of Web sites they believe are essential to their jobs.
Sources told the CBC it is not certain that the cyber-attackers are Chinese. Servers based in China may simply have been used to route the attacks from elsewhere. Chinese officials immediately denied any connections to the attacks.
"The allegation that the Chinese government supports Internet hacking is groundless," foreign ministry spokesman Ma Zhaoxu told reporters during a regular briefing, according to the Hindustan Times. "The Chinese government attaches importance to the safety of computer networks and asks computer and Internet users to abide by laws and regulations."
For years, Auditor-General Sheila Fraser has been warning about "flaws in the system" that could potentially put federal government IT infrastructure at risk. More recently, groups like CATA Alliance have been calling for Canada follow the lead of the United States in appointing a Cyber-Security Coordinator to ensure a unified response to IT security incidents, build partnerships between government agencies, encourage new technologies and raise awareness of security issues.