The Canadian government has accused China of being behind a “cyber intrusion” at the National Research Council of Canada (NRC), the country’s main science and technology research body.
Few details of the intrusion have emerged so far, and given the highly sensitive nature of the compromised organisation they may well remain shadowy forever. There is, however, no lack of openness or clarity in the government’s statement on the incident, released by the Chief Information Officer.
It claims to have “confirmed” that China, or at least someone sponsored by the Chinese state, was behind the attack.
Recently, the Government of Canada, through the work of the Communications Security Establishment, detected and confirmed a cyber intrusion on the IT infrastructure of the National Research Council of Canada by a highly sophisticated Chinese state-sponsored actor.
The NRC has fingers in a wide range of research pies, including aerospace, biotechnology, nanotechnology, energy research and much more besides, making it a prime target for research espionage.
The NRC’s systems are apparently separate from the general governmental IT networks, and since discovery of the breach steps have been taken to further isolate and separate the compromised systems from any others operated by government bodies.
The NRC, in its own statement, says that it is working on a “new secure IT infrastructure”, but that this could take up to a year to get up and running.
Canada’s strongly-worded accusation has of course been equally strongly denied by the Chinese government, which described the statement as “groundless speculations and accusations” which are “neither professional nor responsible”.
In the past China has often been a top suspect in international cyber-spying incidents, but usually by implication only, with governments doing their best to avoid making direct accusations.
In the aftermath of the indictment of a group of Chinese military officials on cyber-espionage charges in the US a couple of months ago, it seems like the gloves are well and truly off.
Since that incident, relations between China and the US have chilled considerably, with China making moves to shun the likes of Windows 8 and iPhones, and vital international cooperation to fight cybercrime deteriorating.
This latest attack on China is likely to further fuel this growing animosity.
International espionage, whether perpetrated via computer networks or more old-fashioned spycraft, is always a controversial subject, all the more so when one country singles out another and directly accuses it of involvement in snooping.
It’s pretty much accepted that most countries will be trying to find out their neighbours’ secrets in one way or another, and massive, extremely wealthy states like China are likely to be doing a fairly large share of this probing.
It’s possible that they do more than most other countries, although given the vast scale of the personal monitoring carried out by the NSA in the name of the US, it seems unlikely they’re unrivaled for the number 1 spot.
Just how productive it is to release this kind of accusation is open to debate. Will it discourage China from future phishing expeditions, or simply make their cries of victimisation all the more credible? Is it really just a diplomatic move, showing Canada’s support for the US in cyber-security issues?
Either way, it’s unlikely to make the world a happier place. Snooping on other people’s computers, whether by nation states, organised crime gangs or lone individuals, is not a nice thing to do, and it’s important that the world be told about it when it happens so we can try to better protect ourselves against future intrusions.
But in most cases it’s best to hold off on making public accusations until specific individuals can be identified and proven to be at fault.
Article source: Naked Security - Sophos