A couple of news outlets are reporting that a new attack which has resulted in unauthorized access to "highly classified federal information in two key departments".
There isn't much to the story at this point, other than it appears that some lock-down of Internet services has taken place at the affected agencies, and some analyst's reports seem to point the finger at China.
The real story here is that the storyline starts "An unprecedented cyberattack..." where it would appear by the details released so far, that this is simply another routine spear-fishing attack targeting a valued target.
Some of the scarce technical details regarding the attack include:
I'll be interested and will post on the technical details of the attack when we know more, and also comment on how these types of attacks can be prevented in the first place.
The other interesting part of this, is that the federal government is not forth-coming regarding the details of the attack, the impact, or what controls are going to prevent and detect these things from happening again.
There isn't much to the story at this point, other than it appears that some lock-down of Internet services has taken place at the affected agencies, and some analyst's reports seem to point the finger at China.
The real story here is that the storyline starts "An unprecedented cyberattack..." where it would appear by the details released so far, that this is simply another routine spear-fishing attack targeting a valued target.
Some of the scarce technical details regarding the attack include:
"The hackers apparently managed to take control of computers in the offices of senior government executives as part of a scheme to steal the key passwords.."
"Canadian government cybersecurity officials immediately shut down all internet access at the Finance Department and the Treasury Board, in an attempt to stop stolen information from being sent back to the hackers over the net."
"The hackers, then posing as the federal executives, sent emails to departmental technical staffers, conning them into providing key passwords unlocking access to government networks."
"The program hunts for specific kinds of classified government information, and sends it back to the hackers over the internet"
I'll be interested and will post on the technical details of the attack when we know more, and also comment on how these types of attacks can be prevented in the first place.
The other interesting part of this, is that the federal government is not forth-coming regarding the details of the attack, the impact, or what controls are going to prevent and detect these things from happening again.
Comments