The Hacker group Anonymous claimed responsibility Wednesday for what Treasury Board President Tony Clement says was a cyber attack on the Government of Canada’s computer servers. Some federal emails and several department websites crashed early Wednesday afternoon.
Federal cabinet ministers were being briefed about the matter, with sites for Justice, Public Works and Government Services, the main Canada.ca page, Shared Services Canada (the government’s super-IT department) and even the Canadian Security Intelligence Service (CSIS) among some of those that were down.
“Confirmed today that Govt of Canada GC servers have been cyberattacked. Until full service is restored please use 1-800-OCanada,” Clement tweeted.
Government email access for some department and ministerial staff was also down, with political staffers handing out their personal email addresses to media.
A number of sites have since come back online as federal officials look to identify the source of the attack.
Internet hacker group Anonymous posted a YouTube video and statement Wednesday claiming responsibility for the attack. The video said it’s in response to the government’s anti-terrorism Bill C-51, which was recently passed in Parliament.
“Greetings citizens of Canada, we are Anonymous. Today, this 17th of June 2015 we launched an attack against the Canadian senate and government of Canada websites in protest against the recent passing of bill C-51,” the group says.
It also allows 17 federal departments and agencies to share and collate personal and other information about Canadians suspected of “activity that undermines the security of Canada.” It creates a no-fly list for individuals suspected of planning to join extremist fighters overseas.
And in exceptional cases, it gives the Federal Court authority to issue warrants exempting the Canadian Security Intelligence Service (CSIS) from breaking the law in order to disrupt and “reduce” national security threats.
The bill was to receive Royal assent this week.
The system includes more than 57,000 servers, 9,000 Internet connections and is accessed by more than 377,000 public servants and millions of Canadians.
The agency did not offer any immediate comment on Wednesday’s attack.
Last Friday, employees of the House of Commons were warned to be on the lookout for suspicious emails from hackers seeking personal information.
Two memos sent from Commons IT staff at that time said its employees, along with private sector workers, were “currently being targeted by several cyberattacks.”
The first alert, sent Friday morning, said hackers had stolen large volumes of personal data in the attacks.
A second alert, just after noon, said there was no evidence personal data had been stolen from Commons accounts, but did say they had been targeted.
It appears from the memos that hackers were sending phishing emails that look like they come from official accounts, but instead were a technological ruse to trick recipients into giving up personal information.
Commons IT officials, in the most recent memo, warned workers not to hand out their passwords to anyone and to delete any suspicious-looking messages.
Last year, a phishing scam that had the hallmarks of a state-sponsored attack allowed hackers into the systems of the National Research Council.
The government blamed China for the attack that forced the NRC to shut down its computer system last July and use a temporary network while a new $32.5-million system was built to better withstand further attacks.
The NRC’s systems were also isolated from other federal systems. The NRC was one of several agencies in Shared Services Canada’s national security and science portfolios – groups that include Health Canada, the RCMP, Department of National Defence, Transport Canada and the Canadian Food Inspection Agency – that have among the most complex and sensitive IT infrastructure in the country.
The intrusion came from “a highly sophisticated Chinese state-sponsored actor,” said the Treasury Board.
In January 2011, “spear-phishing” attacks are believed to have been perpetrated using servers in China. Hackers gained access to the Finance and Treasury Board networks by sending malicious emails to high-ranking department officials that contained a link to a webpage infected with a sophisticated virus.
It then opened a pathway deep into the government networks and installed spy mapware. Hackers also sent infected Adobe Systems Inc. PDF files that, when opened, unleashed more malicious code to target and download government secrets.
Source: Ottawa Citizen