Tuesday, November 24, 2015

Federal departments faced serious cyber security breaches last year

Federal departments faced serious cyber security breaches last year

Documents obtained by the Citizen show that even before hackers were found in July to have broken into the National Research Council’s network, federal systems may have been compromised multiple times – in some cases so badly that the affected departments couldn’t rebound without the help of Shared Services Canada, the government’s super-IT department.
The documents obtained by the Citizen under the access to information law don’t make it clear how significant the breaches were, nor how successful the hackers were in each attack.
What the documents do show is that the security incident response team, known as IT-SIRT for short, was involved in a number of “potentially critical or extensive compromises” between January and March of 2014, according to an undated briefing note sent to the president of Shared Services Canada. The actual number of incidents has been redacted from the document, with the department citing security concerns for not releasing the information.
The information, along with profiles of four “significant engagements,” was provided to senior officials in departments that oversee cyber-security.
A security team inside Shared Services Canada is using the incidents, and other daily attacks on government systems, to determine a baseline of successful cyber attacks, which it can then compare with such attacks in future years.
Documents provided to the president of Shared Services Canada also say that “behind the scenes, government of Canada systems have been made more secure” – largely through tighter security requirements for IT purchases – and “the likelihood of a successful attack is reduced.”
The government announced last week that it was spending $32.5 million as a result of the cyber security compromise at the National Research Council in July.
That incident, which the government has blamed on Chinese-based hackers, led to the NRC shutting down its systems, isolating those systems from the rest of the federal IT infrastructure, and doing a complete overhaul of its systems that will last at least until this summer.
To keep top-secret information safe from hackers, the government is spending $55 million on a “secret” IT infrastructure.
The majority of that spending, $40 million, is designed to maintain the infrastructure that is already there protecting top-secret documents.
The remainder, $15 million, is for the early stages of a project to secure Internet phone calls above and beyond what can be done now. Shared Services Canada said that the final cost for the project will only be known once technical requirements, solutions and scope are established.
Eventually, secret documents sitting on 30 different “secret” networks will be amalgamated into one.
“The GCSI (government of Canada secret infrastructure) will improve the security of our infrastructure and data, protect our information against the current and future threats, enable the exchange of information, and provide new features that will improve our productivity,” reads a set of talking points provided to Shared Services Canada president Liseanne Forand before a June meeting of deputy ministers.
Work is already underway to move existing networks to modern infrastructure where possible, Shared Services Canada said.
The goal is to have the single network up and running by 2020, although internal government documents suggest work was already behind schedule earlier this year. A presentation provided to the president of Shared Services Canada in May of last year showed that there were some delays in the project. Specific dates have been redacted from the document.

No comments:

Post a Comment

Comments always welcome!