Hacking attacks on government growing more sophisticated, intelligence agency warns - Action News
Home WebMail Friday, November 22, 2024, 05:15 PM | Calgary | -11.1°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Politics

Hacking attacks on government growing more sophisticated, intelligence agency warns

Hacking attacks launched by onlinecriminals against the Canadian government are growing increasingly sophisticated, warnsthe head of Canada's cyber securityagency.

Organized cyber criminals looking for a payday, says head of cyber security centre

The new Communications Security Establishment Canada (CSEC) complex is pictured in Ottawa on October 15, 2013. The federal cybersecurity centre says foreign countries are very likely to try to advance their agendas in 2019 -- a general election year -- by manipulating Canadian opinion through malicious online activity. In a report today, the Canadian Centre for Cyber Security warns that state-sponsored players can conduct sophisticated influence operations by posing as legitimate users.
The Communications Security Establishment Canada complex in Ottawa on October 15, 2013. (Sean Kilpatrick/Canadian Press)

Hacking attacks launched by onlinecriminals against the Canadian government are growing increasingly sophisticated, warnsthe head of Canada's cyber securityagency.

"We certainly do see state actors, but by far and large it's cybercrime, which I would say is getting more and more sophisticated," Scott Jones, head of the Communications Security Establishment (CSE) Canadian Centre for Cyber Security, toldCBC News.

The motivations for such attacks vary widely, he said. Some criminals playfor small stakes trying to pick off individual government employees for their SIN numbers and passwords, for example.

"Then there are the more organized [attacks]that see the government as a target and they're looking for financial gain, and those would be more sophisticated. They would tend to be looking for access to be able to do reconnaissance-typethings," said Jones.

To protect itself, the federalgovernment has something called a"host-based sensor program"installed on over half a million computers across more than 50 federal departments.

While theCSEtypically says nothing in public aboutits defensive capabilities, and cites operational security when keeping those details private,the agencyrecently published details of the in-house host-based sensorprogram.

"Host-based is really about what we can see to make sure that nothing ...is happening inside of the government networks that we don't want and expect," Jones said.

'Hundreds of thousands of events a day'

The CSE's cyber centre providesthe outermost layer of thegovernment's onlinedefencesby detectingthreats at the network level. The host-based sensor program is the inner layer of defence, warning system administrators when it detectssomething out of the ordinary on a government server.

While most malware and phishing attempts are detected by the government's frontline security, Jones said,those types of scams are becoming more sophisticated.

Scott Jones, head of the Canadian Centre for Cyber Security and CSE deputy chief of IT security, looks on during an announcement on the National Cyber Security Strategy on Parliament Hill June 12, 2018. (Justin Tang/Canadian Press)

He said that if a piece of malware somehow made it past the palace gate and a government worker clicked on it,the host-based sensor program would send up a distress signal.

"We see hundreds of thousands of events a day across the government, not all of them malicious. Sometimes it's just software that is just starting to behave weirdly or somebody has chosen to do an upgrade," he said.

"And then yeah, absolutely, we see malicious software installed. We are able to stop it and make sure it doesn't happen again"

When asked how successful the program has been in stopping attacks, a spokesperson for the CSE said that while "no network is fully impenetrable ...we are very confident in its defence capabilities."

The program also servesa canary-in-a-coal-mine function,helpingCanadian gatekeepers detect new methods being employed by those lookingto infiltrategovernment technology and giving them a chance to warn others,said Jones.

"It sees things that we've never seen before. So it's not in our threat intelligence feeds from commercial providers," he said.

"So yes, you can try and use your malware against us, but we're going to publish and we're going to make sure that people know about it so that you can't use it against anybody else.

"Which means cyber criminals would have to go back and they would have to redevelop some oftheir software. They would have to look at how to change the path they use to steal information. Our strategy is really about how do we make it more expensive to come after Canada."

British counterparts now adopting program

The host-based sensor program officially launched about eight years ago when the agency came to realize that most government workers would soon be working offtheirsmartphonesand connecting to their officesremotely.

The agency has decided to go public nowtoexplain more of what it does to Canadians, said Jones.

"I can't hide the fact that our genesis is from a sort of intelligence organization that prided itself on really not being known," he said.

"It was really timeto start showing people, 'Here, this is one of the things we do for the government, we are good at this.' I know it's not Canadian to say things like that, but we're really good at this."

The success of the program recently won over the CSE's British counterpart, the National Cyber Security Centre, which partnered with the cyber centre to implement a version of the host-based system on U.K.government systems.

Add some good to your morning and evening.

Your weekly guide to what you need to know about federal politics and the minority Liberal government. Get the latest news and sharp analysis delivered to your inbox every Sunday morning.

...

The next issue of Minority Report will soon be in your inbox.

Discover all CBC newsletters in theSubscription Centre.opens new window

This site is protected by reCAPTCHA and the Google Privacy Policy and Google Terms of Service apply.