The Hacker group Anonymous claimed responsibility Wednesday for what Treasury Board President Tony Clement says was a cyber attack on the Government of Canada’s computer servers. Some federal emails and several department websites crashed early Wednesday afternoon.
Federal cabinet ministers were being briefed about the matter, with sites for Justice, Public Works and Government Services, the main Canada.ca page, Shared Services Canada (the government’s super-IT department) and even the Canadian Security Intelligence Service (CSIS) among some of those that were down.
“Confirmed today that Govt of Canada GC servers have been cyberattacked. Until full service is restored please use 1-800-OCanada,” Clement tweeted.
Government email access for some department and ministerial staff was also down, with political staffers handing out their personal email addresses to media.
A number of sites have since come back online as federal officials look to identify the source of the attack.
Internet hacker group Anonymous posted a YouTube video and statement Wednesday claiming responsibility for the attack. The video said it’s in response to the government’s anti-terrorism Bill C-51, which was recently passed in Parliament.
“Greetings citizens of Canada, we are Anonymous. Today, this 17th of June 2015 we launched an attack against the Canadian senate and government of Canada websites in protest against the recent passing of bill C-51,” the group says.
The first alert, sent Friday morning, said hackers had stolen large volumes of personal data in the attacks.
A second alert, just after noon, said there was no evidence personal data had been stolen from Commons accounts, but did say they had been targeted.
It appears from the memos that hackers were sending phishing emails that look like they come from official accounts, but instead were a technological ruse to trick recipients into giving up personal information.
Commons IT officials, in the most recent memo, warned workers not to hand out their passwords to anyone and to delete any suspicious-looking messages.
Last year, a phishing scam that had the hallmarks of a state-sponsored attack allowed hackers into the systems of the National Research Council.
The government blamed China for the attack that forced the NRC to shut down its computer system last July and use a temporary network while a new $32.5-million system was built to better withstand further attacks.
The NRC’s systems were also isolated from other federal systems. The NRC was one of several agencies in Shared Services Canada’s national security and science portfolios – groups that include Health Canada, the RCMP, Department of National Defence, Transport Canada and the Canadian Food Inspection Agency – that have among the most complex and sensitive IT infrastructure in the country.
The intrusion came from “a highly sophisticated Chinese state-sponsored actor,” said the Treasury Board.
In January 2011, “spear-phishing” attacks are believed to have been perpetrated using servers in China. Hackers gained access to the Finance and Treasury Board networks by sending malicious emails to high-ranking department officials that contained a link to a webpage infected with a sophisticated virus.
It then opened a pathway deep into the government networks and installed spy mapware. Hackers also sent infected Adobe Systems Inc. PDF files that, when opened, unleashed more malicious code to target and download government secrets.