Canada’s National Research Council Hit by Apparent Chinese Cyber Attack

One of Canada’s premier research and technology organizations was hit with an apparent cyber-attack recently that forced the cooperative offline.

One of Canada’s premier research and technology organizations was hit with a cyber-attack recently that forced the cooperative offline; the attack – which appears to be Chinese in origin – was so serious the organization is being forced to rebuild its entire system.

The National Research Council of Canada (NRC), a science and technology research group based in Ottawa, claimed Tuesday that it was able to detect the cyber-intrusion with the help of the Canada’s cryptologic agency, the Communications Security Establishment (CSE).

The country is only divulging so much about the attack –  it didn’t specify when it took place, what may have been taken or exactly how the attack was executed – but claims it will give an update on Thursday.

The organization stresses it is taking the necessary measures to contain the breach however.

“Following assessments by NRC and its security partners, action has been taken to contain and address this security breach, including protecting its information holdings and notifying the Privacy Commissioner,” the organization wrote in Tuesday’s statement.

While the NRC statement doesn’t acknowledge it, according to a separate announcement from Canada’s chief information officer, Corinne Charette, a “highly sophisticated Chinese state-sponsored actor” is to blame for the attack.

Canada’s Foreign Affairs Minister John Baird was in Beijing when the attack was announced and was set to give a press conference that was later shelved. According to his spokesman Adam Hodge, Baird had a “full and frank exchange” with his Chinese counterpart, Wang Yi.

“The government takes this issue very seriously and we are addressing it at the highest levels in both Beijing and Ottawa,” according to the statement.

It’s not entirely clear what kind of documents the NRC may have had on its systems but the organization works in tandem with a handful of sectors and has done work advancing aerospace, automotive, construction, energy, telecommunications, and medical device technology in the past.

When reached Wednesday, the NRC and CSE refused to share any further details regarding further the attack citing “security and confidentiality reasons.”

While the NRC falls under the Canadian government’s umbrella, Charette’s statement acknowledges that its system is not directly connected to the government’s network but that hasn’t stopped IT administrators from isolating it from the larger network as a precaution.

The organization has reportedly been in contact with its clients and claiming that it will take about a year to rebuild its information technology infrastructure, a figure that may suggest the attack was quite serious.

The People’s Republic is no stranger to hacking accusations, it just usually denounces such claims.

After the U.S. indicted five Chinese People’s Liberation Army officers with cybertheft earlier this year, China blamed the U.S. for “hypocrisy and double standards.” In 2013, after the initial report detailing the cybertheft emerged, China issued a strong denial and cautioned the report was flawed.

It’s the second alleged altercation between China and Canada in the last few years.

In 2011, the Canadian Broadcasting Company claimed that hackers using IP addresses from China were responsible for attacks on another Canadian government organization, the Defence Research and Development Canada along with Canada’s Finance Department and Treasury Board. China denied involvement in those attacks as well, stating that the nation’s government opposes hacking and that any allegations it supports it are groundless.

Suggested articles


  • Jay on

    This should not be a surprise to anyone. While the Chinese may argue that they have no responsibility in this, modernizing China involve aggressively closing the gap with Western science and technology. It is no coincidence that every operation attributed to the Chinese involve the same kind of target: diplomacy, energy, military technology and scientific targets. In Canada, it started with Nortel, went on with DRDC in 2010 and it would not be surprising many of the defence industry be also heavily targeted, sometimes noted in IT vendors intelligence report. Anyone interested should read the following article: The Past, Present and Future of Chinese Cyber Operations.
  • Has-to-be-said on

    So, it looks to me like the real "Powers that Be" and war-mongers are trying to start a war: this time it's between Canada and China. Last week it was Africa. The week before that, it was Russia and the Ukraine. Before that, it was Iraq. I'll bet the Chinese government doesn't know anything about this attack, well until now, anyway. Could be yet another false flag event. I believe its time for peace and good news. Enough with the made-up news.
  • danR on

    It's not simply about cyber-security, but about potential vulnerabilities across the board. Ottawa was warned about the threat of physical espionage by Chinese personnel years ago. Let's not wait until a "Now What?" item is realized in next months news. No advanced modern nation, and particularly, none of the 'five-eyes' intelligence partners need any Chinese embassies on their real-estate. We live in the 21st century; let's prove it by doing daily political liaison with Beijing by (secure, encrypted, etc) videoconferencing, and by letting commercial/business personnel from China in on a vetted basis. I would prefer the latter submit an itinerary every morning and wear a gps ankle bracelet as well, but I don't want to sound too persnickety.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.