It was recently revealed that two Canadian government computers were being accessed by a hacker for days before the security threat was reported to Shared Services Canada by a “trusted source”. After the breach of security was uncovered the Public Works and Government Services Canada computers underwent a forensic analysis. The security report that was filed after investigation revealed that the computers were free of viruses or “suspicion of infection or compromise.” However, works is continuing to secure the Firewall around the network that contained the computers.
The hacker gained control of the computers via a program that allows a remote user to commandeer another system. The PC was hijacked on May 31 and was not taken back until June 7.
Postmedia News reports that the recent hack has been another attack on Public Works which has gotten hit by security breaches several times between May and August. The report used the access to information law to learn that hackers have also attacked agencies like the Immigration and Refugee Board of Canada which have not been previously successfully cyber-attacked. Furthermore, Natural Resources Canada ended up changing server configurations because a hacker gained access to internal network information. It is not certain whether the hackers were able to get sensitive information from the agency.
The security breach report about the Public Works computer did mention that no information had been deleted but they did not say if data had been copied and moved to another location. Reporters were asked to speak with Public Safety Canada about the matter while the agency replied that they would not make a statement on “specific threats for security reasons.”
Government computers are under threat of being breached at all times because they contain sensitive data. In most cases the security around the data is successful in keeping unwanted users out. However, security can fail and hackers can successfully attack computer systems. Anil Somayaji of the Carleton University’s Computer Security Lab says, “We don’t know how to make perfectly secure systems. In designing systems to deal with this, we have to say its going to break … and are you willing to live with the consequences? If not, don’t build it.”
Source: Vancouver Sun