The Canadian government’s PC systems have been hit by state-supported cyber attacks around 50 times each week — and no less than one of them generally succeeded.
That affirmation from the Communications Security Establishment (CSE), the secretive agency accused of anticipating such attacks, is an rare look into the scale and recurrence of endeavors by foreign powers to infiltrate government systems.
“Between 2013 and 2015, the Government of Canada detected, on average a year, more than 2,500 state-sponsored cyber activities against its networks,” says a new report.
“Although more than six per cent of these attempts breached the Government of Canada’s systems in 2013, this number had fallen to less than two per cent in 2015.”
The report does not name the foreign entities behind the attacks, however the administration has already revealed China as in charge of a noteworthy cyberattack at the National Research Council in 2014 that forced a long shutdown of its systems and cost approximately thirty million dollars of tax payer money for recovery. Russia, Iran and North Korea are likewise notable players in cyber warfare, however have not been openly publicly identified by Canadian authorities.
The report did not state how CSE knows the assaults were state-sponsored.
The new report from the Public Safety Department says Canada effectively blocks approximately 600 million potential attempts every day to identify or exploit vulnerabilities in its administration networks and systems. But the vast majority are small-time hackers or other players not aligned with foreign states.
The frequency of state-supported hacking follows after an arrangement struck between Canada and China on June 22, in which the two sides consented to forgo leading or supporting “cyber-enabled theft of intellectual property,” for example, private-sector trade secrets and confidential business data. That understanding, in any case, did not discuss cyber attacks on government systems.
Last October, CSE reported to Parliament that it detected 4,571 “compromises” of federal systems because of cyberattacks in the first nine months of 2016. More than 2,000 were directed at federal systems related to natural resources, energy and the environment. The agency said only three of those attacks resulted in information being removed, none of it classified, but did not identify any players whether state-sponsored or not.
CSE also warned in a separate report released earlier this year about threats to Canada’s democratic process, saying that “almost certainly, multiple hackivist groups will deploy cyber capabilities in an attempt to influence the democratic process in 2019,” the next scheduled federal election.
That June 16 report also warned that nation-states showed the “highest sophistication” in attempting to undermine democratic processes worldwide, again without naming any players.
“Against Canada, nation-states are constantly deploying cyber capabilities to try to gain access to Government of Canada networks and the communications of federal government officials,” the document said, without providing statistics on the level of threat. “They are the most capable adversaries.”
Canada’s potential vulnerability to cyberattacks has caught the attention of U.S. defence officials. Then-Adm. William E. Gortney testified to a U.S. Senate committee in 2015 that hackers targeting Canada could cripple parts of North American air defence.
“A cyberattack in Ottawa could take out the northeast quadrant of our air-defence sector,” he testified at the Senate committee on armed services in March that year.
“It would be, effectively, a mission kill.”
Reference and more detail: