The Treasury Board's web site says that it is "... responsible for accountability and ethics, financial, personnel and administrative management, comptrollership, approving regulations and most Orders-in-Council." Seems innoucous enough.
Not much more was said about this situation until last Thursday, when Treasury Board President Stockwell Day admitted that the Canadian government had discovered in early January that hackers using servers in China had been targeting the Treasury Board as well as the Department of Finance, hence the restricted Internet access. No critical information was said to have been compromised, although one might be tempted to take that contention with a grain of salt.
The Honourable Mr. Day's admission came in response to a news report Wednesday night by the CBC that said that not only had the Treasury Board and the Department of Finance been targeted, but also Defence Research and Development Canada (something that the Honourable Mr. Day would not confirm). A fourth government department may have also been targeted as well, says this CBC story the next day.
The original CBC story says that the hackers used phishing techniques to get into the systems:
"Sources say hackers using servers in China gained control of a number of Canadian government computers belonging to top federal officials."
"The hackers, then posing as the federal executives, sent emails to departmental technical staffers, conning them into providing key passwords unlocking access to government networks.
"At the same time, the hackers sent other staff seemingly innocuous memos as attachments."
"The moment an attachment was opened by a recipient, a viral program was unleashed on the network."
Also on Thursday, Canadian Prime Minister Stephen Harper, according to the CBC, "assured Canadians on Thursday that the government does have a strategy in place to protect computer networks." What it is beyond shutting down access to the Internet, the government won't say.
The CTV story states that:
"Sources say Canada's secret cyber spy agency -- the Communications Security Establishment -- tracked the hacking operation to the Chinese embassy in Ottawa and to computer servers in Beijing."
"Computer hacking is a global problem. China is also a victim. The allegation that the Chinese Government supports hacking is groundless and with ulterior motives."
Exactly what those Canadian government "ulterior motives" might be were not described. As this Reutersstory notes, the current Canadian government has "... has markedly toned down its criticism of China's human rights record as it tries to boost bilateral trade ties."
Finally, as described by this story in the New York Times, "For the past six weeks, thousands of public servants employed by the two departments [the Treasury Board and the Department of Finance] have either been staying home to use Internet connections or slipping out of their offices to use wireless Internet connections at nearby cafes."
Looks like this will be the standard operating procedure at those two departments for a while longer, given that the Canadian government has not indicated when it will fully restore Internet access for the Treasury Board or the Department of Finance.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.