China denies role in reported government of Canada hack
IDG News Service - The Chinese government is denying any involvement in a reported cyberattack on the Canadian government, which was ultimately traced to a Chinese server.
The Chinese government is firmly opposed to hacking and other criminal acts, Foreign Ministry Spokesman Ma Zhaoxu said at a press conference Thursday. China is also a victim of computer hacking, he said. "The allegation that China supports hacking is groundless," he said.
The Canadian Broadcasting Corporation (CBC) reported Wednesday that authorities were forced to shut down Internet access to thousands of workers in the Canadian government's Finance Department and Treasury Board, after attackers
"posing as the federal executives, sent e-mails to departmental technical staffers, conning them into providing key passwords unlocking access to government networks," the CBC said.
The purpose of the attack was apparently to steal documents that contained classified government information.
Victims were also tricked into opening maliciously encoded documents, using a well-known technique called spear-phishing. With spear-phishing, the attacker does some research ahead of time and then picks a small number of victims, sending them a believable looking document -- a memo about an upcoming event, sent from a company executive, for example -- in the hopes that the victim will open this malicious attachment and their computer would be hacked.
The hacked computer is then used as a jumping-off point for computer-based espionage, as the hackers prowl through the victim's network in search of data.
This technique has been used successfully against U.S. government agencies and contractors for years now, according to security experts. Many believe these spear-phishing attacks to be part of a concerted espionage effort by the Chinese government, but this is nearly impossible to prove. China is often used as a path for all types of cyberattacks and it is possible that the attacker in this latest incident simply routed traffic through Chinese servers.
The Canadian government learned it had been compromised in January, the CBC reported. The office of Canadian Prime Minister Stephen Harper could not immediately be reached for comment.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
This state agency depends on a commercial application that this IT pilot fish is responsible for managing. And upgrades are handled under a support contract -- at least until the recession and the huge budget crisis it brings.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
- The 10 "Must-Haves" for Secure Enterprise Mobility Management
- A security framework and evaluators' checklist. All Government IT White Papers
- HR and Finance Were made for Each Other View now >>
- The Value of Human Capital for Finance Professionals View now >>
- The Business Value of Human Capital Management for Finance View now >>
- The Freedom to Run Your Business Your Way Vendors are challenged to create flexible systems that customers can tailor to particular business strategies and industry needs. But the flexibility should not...
- Research Report: The Big Data Opportunity for HR and Finance If CEOs, CFOs, CIOs, and CHROs want to drive their businesses forward, they will need to quickly recognize the enormous value of big...
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 12, 2013.