Canadian Government Departments Face Security Breach

Attackers used social engineering and spear phishing to infiltrate the networks of Canadian Government Departments
Bookmark and Share
Albuquerque, NM (prHWY.com) February 18, 2011 - Albuquerque,NM,February 18, 2011 - Cyber-attacks on government departments and bodies may result in loss of confidential information and also compromise national security. Recently, Canadian Broadcasting Corporation (CBC) reported that some of the government ministries and departments suffered consistent cyber-attacks.Cybercriminals targeted Finance Department and Treasury Board of the Canadian government. The attackers also targeted Defense Research and Development Canada (DRDC). The attacks were detected last month and Internet access to all the three bodies was shut down by information security experts. The attacks were carried out by using social engineering techniques and spear phishing. Attackers allegedly posed as government officials and sent e-mails to technical staff in the offices of senior government executives, tricking them to reveal crucial passwords pertaining to government networks.

Attackers also launched spear phishing e-mails targeted at government officials. Government officials were tricked to open a malicious attachment in the e-mail. Under spear phishing attacks, cleverly crafted e-mails are sent to targeted users, which appear to arrive from a peer, a subordinate or a superior. Once a victim downloads an infected document, a malicious code gets executed and attackers gain access to the computer. The attackers may than infiltrate the computer networks and breach classified government documents. Online computer training and e-learning programs may help create cyber security awareness among employees and reduce security breach incidents.

Usually, ethical hacker certified professionals conduct in-depth tests to identify and mitigate weaknesses in the IT infrastructure. In this case, government authorities have not disclosed any details regarding breach of classified information. Cyber security experts in Canada have indicated involvement of China based hackers in the attacks. China has been often blamed by many countries for launching cyber-attacks on key government departments. Attacks are often traced to servers based in China. However, direct involvement of a state in cyber-attacks is very difficult to establish. On the other hand, China has denied any involvement in the cyber-attacks on Canadian government departments and bodies.

Canada has faced several cyber-attacks on government computers and networks. A few months back, the Canadian government had initiated a five year $90 million national cyber security strategy to safeguard government computer systems and networks from cyber-attacks.

Cybercriminals are vibrant and always find ways to penetrate into computer systems and networks.Government must take proactive and consistent steps to prevent cyber-attacks on individual, business and government networks. Adequate investment on IT infrastructure is crucial to strengthen the defenses against intrusion attempts by attackers. Government must also invest in cyber security education and encourage IT employees to undertake security certification courses to meet the future requirements of skilled cyber security personnel.

Contact Press

EC-Council
Website: http://www.eccouncil.org
Email: iclass@eccouncil.org
Tel: 505-341-3228

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences.

###

Tag Words: cyber security, intrude, infiltrate, social engineering, spear phishing, cybercrime, cyber attacks, canada, cyber crime, national cyber security
Categories: Security

Link To This Press Release:

URL HTML Code
Create Press Release
Press Release Options
About This Press Release
If you have any questions about this press release, please contact the listed publisher. Please do not contact prHWY as we cannot help you with your inquiry.