By any measure, it was the worst ever cyberattack on Canada, a massive digital assault from somewhere in China in January 2011 that penetrated the confidential computer files of seven Bay Street law firms, siphoned top secret data from three federal agencies, and forced them off the internet for almost 18 months. (via Greg Weston: Ottawa’s blind eye to cybersecurity - Canada - CBC News)
- Yet, the auditor general now reports it took federal security officials a full week to notify the government’s own emergency cyber-response agency that there had even been an attack.
- In fairness, maybe the officials were having trouble getting anyone on the phone at the Cyber Incident Response Centre.
- The expensive government agency set up to be the nerve centre of Canada’s response to online hacking was only open weekdays, 8 a.m. to 4 p.m.
- The response centre is supposed to collect and analyze information on the latest cyber threats to government and the private sector. It is also supposed to disseminate that information to public and private operators of critical infrastructure such as power facilities, electrical grids, banking and transportation systems. But as Auditor General Michael Ferguson reported on Tuesday, many of those operators don’t even know the federal cybersecurity agency exists.
- Still, the auditor general reports that successive federal governments have spent more than $780 million of taxpayers’ money over the past decade writing reports on cybersecurity, and generally achieving little of lasting value.
- The U.S. and Australia have both blocked Huawei from bidding on infrastructure projects in those countries for reasons of national security — in other words, cybersecurity. But in Canada it has been a different story.
- And a former Nortel senior executive recently told CBC that the once mighty Canadian tech giant, which collapsed in 2009, may have been literally hacked to death, its technologies stolen and duplicated by Chinese cyber-spies over a period of years.
Apparently, the current government is “making progress” because Vic Toews announced $115 million in funding. But isn’t that what previous governments have done - isn’t that the point of the Auditor’s report?!?