Chinese hacking into NRC computers isn’t a surprise: experts

Andy Radia
Politics Reporter
Canada Politics

Cyber espionage experts say that we shouldn't be surprised that Chinese state sponsored agencies are hacking into our government computer systems.

On Tuesday, Canada's National Research Council confirmed that their IT networks had recently been compromised by "by a highly sophisticated Chinese state-sponsored actor."

"We have no evidence that data compromises have occurred on the broader Government of Canada network," the agency said in a statement adding that it will now rebuild its computer infrastructure which could take up to one year.

The office of Foreign Affairs Minister John Baird — who was coincidentally was in Beijing — said that they are taking the issue "very seriously" and "addressing it at the highest levels in both Beijing and Ottawa."

[ Related: Canadian spy agency says Chinese hacked into NRC computers, network shut down ]

Ben Makuch, a Canadian editor for the website Motherboard, suggested that this is something government officials should have expected.

The Chinese military has developed sophisticated cyberwar capabilities, with members of China's People's Liberation Army operating out of the same building in Beijing.

Known as the PLA Unit 61398, the group has already been charged by the FBI for stealing trade secrets—among their many targets were drone manufacturers and the [U.S.] State Department.

In Canada, the same sorts of attacks are par for the course when it comes to Chinese cyber aggression. As I reported back in May, Access to Information requests showed that in 2012 alone, Canadian officials logged five spear phishing attacks on the Canadian Intellectual Properties Office—the known weapon of choice for Chinese agents in Unit 61398.

As explained Makuch, Cyber-espionage emanating from China has become a world-wide problem — even in Canada.

In January 2012, CBC News reported that that foreign hackers from China gained access to highly classified information at the Finance Department, Treasury Board, and Defence Research and Development Canada.

In 2013, according to the Financial Post, a report by U.S. internet firm Mandiant claimed that one of China’s cyber espionage units hacked the computer systems of at least seven organizations with operations in Canada.

The same article cites reports of Chinese hackers gaining access to law firms involved in the takeover bid for Saskatchewan’s Potash Corp.

[ Related: Chinese cyber espionage allegedly a problem in Canada too ]

Andy Pendergast, a U.S.-based cyber-security expert, says that the latest encroachment of the NRC was likely buoyed by Chinese motivations to access Canadian technologies.

"The fact that the intrusion prompted the Canadian National Research Council (NRC) to shut its network down is telling that the problem was likely widespread and they needed a way to stop the bleeding fast," Pendergast, Product Director at Cyber Squared Inc., told Yahoo Canada News.

What can Canada do?

Canada has limited options in terms of recourse against the Chinese.

The government could do what the United States did: In May, a U.S. grand jury indicted five Chinese military officers for hacking computer systems of American companies.

But, according to Pendergast, that strategy will have little effect.

"It's unclear whether the U.S.'s course of 'naming and shaming' the Chinese hacking activity has been an effective tool for them, so I'm not sure how it will work for the Canadians," he said.

"This tactic may have slowed the activity for a time, but it certainly has not and will not stop it."

Instead, Pendergrast suggests that the government commit more strategic investments into network security and threat intelligence platforms.

Steve Chabinsky, formerly the Deputy Assistant Director of the FBI's Cyber Division, argues that, at this stage, the Canadian government's best offence is a good defence.

"As we're seeing throughout the world..the way to defend against it has changed over time from trying to prevent the Chinese from getting into systems towards instead trying to detect them quickly, contain them quickly...and get them out of the sytem quickly," he told CBC News.

"Anyone that is working with the Canadian government right now on a research and development program better be checking their own systems to see if they've been compromised. Because what China is doing is taking years and years of developmental resources that Canada put in.

"Canada has long proud history of invention...and here you're having a country like China steal it, give it to their own state owned enterprises so those companies can go ahead, come to market faster without any cost, under-cut pricing and put your businesses out of business."

Are you a politics junkie?
Follow @politicalpoints on Twitter!