The government’s chief information officer confirmed a CTV News report Tuesday that the National Research Council was a victim of a cyberattack "by a highly sophisticated Chinese state-sponsored actor."
According to security experts, these types of attacks are increasing. However, governments and companies are catching them more often.
"More and more we are seeing that these attacks are increasing, not only in the United States and other targets, but particularly in Canada, and we're seeing that the goal is more and more clearly through cyber espionage to gain access to our economic secrets in terms of blueprints and production of top-notch products that Canada produces," Royal Military College national security expert Anthony Seaboyer told CTV News Channel.
The government of Canada is far from alone in being targeted. Chinese hackers have previously targeted the Finance department, Treasury Board, Bank of Canada and email accounts of members of Parliament. The U.S. government has also blamed China for similar issues in the past. IP Converge Data Services, a security vendor, warned earlier this month that cyberattacks are increasing at an alarming rate. Data breaches into major companies like Target or eBay mean as many as half of Americans have had personal data hacked in the past year. Cyber-intelligence start-up Norse has posted a real-time map of attacks around the world. Canada ranks high for both origin of attack and target.
"The reality is most organizations in one way or another have been hacked by different governments or entities out there," Maxime Lamothe-Brassard, co-founder and vice president of defence for Arc4dia, told CTV News Channel. "All nations have a lot of difficulty dealing with this new dimension."
Lamothe-Brassard added attacks like this have been going on for a long time, but governments and companies are starting to catch them more often.
The problem with cyberattacks is that the potential fallout grows with our dependency on computers and hackers seem to be a step ahead of security systems.
"The question is: How can legislation be developed to adopt fast enough to the new possibilities we are seeing, the new forms of hacking?" said Seaboyer. "The Canadian government is taking this more and more seriously, but the technological development usually races ahead of any legislation … and that's the challenge we are seeing in Canada."
Lamothe-Brassard said the key isn't to prevent an attack, but to be able to detect it quickly and mitigate the risks. Something the NRC appears to have done.
The statement added that the National Research Council's networks have been isolated from the broader government network and there is no evidence of a breach in the broader network.
NRC said in a statement they are working with IT experts "to create a new secure IT infrastructure," but added it could take a year.
NRC deals with issues from satellite technology to modified food chemistry and their computers are supposed to be hacker-proof.
Meanwhile, Foreign Affairs Minister John Baird is in Beijing and has raised this issue with his Chinese counterpart.
