Chinese Attackers Accessed Canadian Government Networks For Five Years (theregister.com) 9
Canada's Communications Security Establishment (CSE) revealed a sustained cyber campaign by the People's Republic of China, targeting Canadian government and private sector networks over the past five years. The report also flagged India, alongside Russia and Iran, as emerging cyber threats. The Register reports: The biennial National Cyber Threat Assessment described the People's Republic of China's (PRC) cyber operations against Canada as "second to none." Their purpose is to "serve high-level political and commercial objectives, including espionage, intellectual property (IP) theft, malign influence, and transnational repression." Over the past four years, at least 20 networks within Canadian government agencies and departments were compromised by PRC cyber threat actors. The CSE assured citizens that all known federal government compromises have been resolved, but warned that "the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks."
The report also alleges that government officials -- particularly those perceived as being critical of the Chinese Communist Party (CCP) -- were attacked. One of those attacks includes an email operation against members of Interparliamentary Alliance on China. The purpose of the cyber attacks is mainly to gain information that would lead to strategic, economic, and diplomatic advantages. The activity appears to have intensified following incidents of bilateral tension between Canada and the PRC, after which Beijing apparently wanted to gather timely intelligence on official reactions and unfolding developments, according to the report. Canada's private sector is also in the firing line, with the CSE suggesting "PRC cyber threat actors have very likely stolen commercially sensitive data from Canadian firms and institutions." Operations that collect information that could support the PRC's economic and military interests are priority targets.
The report also alleges that government officials -- particularly those perceived as being critical of the Chinese Communist Party (CCP) -- were attacked. One of those attacks includes an email operation against members of Interparliamentary Alliance on China. The purpose of the cyber attacks is mainly to gain information that would lead to strategic, economic, and diplomatic advantages. The activity appears to have intensified following incidents of bilateral tension between Canada and the PRC, after which Beijing apparently wanted to gather timely intelligence on official reactions and unfolding developments, according to the report. Canada's private sector is also in the firing line, with the CSE suggesting "PRC cyber threat actors have very likely stolen commercially sensitive data from Canadian firms and institutions." Operations that collect information that could support the PRC's economic and military interests are priority targets.
Not surprising (Score:2, Informative)
If you pay taxes in Canada you likely know about how clunky and inefficient the government websites are. Not surprised at all if hackers got into gov networks. Wouldn't be surprised at all either if insiders deliberately made it easier for outsiders to get in. Canadians tend to be very trusting and generally incapable of thinking anyone doesn't have Canadian interests at heart.
Re:Not surprising (Score:4, Funny)
If you pay taxes in Canada you likely know about how clunky and inefficient the government websites are.
So, ask the Chinese how they got in. And if they would mind terribly putting together a HOWTO that Canadian citizens can use to streamline the process.
Re: (Score:3)
Re: Not surprising (Score:1)
Re: (Score:3)
I actually find the Canadian government websites pretty usable. Sure, they're mostly old-school post-a-form-and-get-a-result without any fancy react crap, but they work and are fairly reliable. Plus they are accessible.