The Canadian Broadcasting Corp. is reporting that key government agencies in Canada were the targets of a sophisticated cyber attack aimed at stealing sensitive government information.
The attack was first detected in January, 2011, and prompted Canada’s Finance Department and Treasury Board off the Internet temporarily in order to clean up after the attack. Among the targets of the attacks were Defence Research and Development Canada, a civilian agency that is part of the Canadian Department of National Defence.
According to the CBC report, issued Thursday, the attacks on the Finance Department started with spear phishing attacks aimed at senior Finance Department personnel, but spread to other targets.
Canadian officials are still trying to assess the damage caused by the attacks, including the quantity and type of data that is believed to have been siphoned from Canadian government networks.
Sources quoted in the story say there is no proof that the attacks were backed by the Chinese government, only that machines compromised in the attacks were found communicating with servers located in that country.
This isn’t the first attack on high profile government agencies and private sector firms with ties back to China, which is believed to have invested heavily in cyber offensive capabilities. China is believed to be behind the so-called “Aurora” attacks targeting Google and other firms. Recently, McAfee reported attacks on global engery firms believed to be linked to the Chinese government.