4 high-profile cyberattacks on Canadian networks...
Bookmark and Share
Aug 26, 2015  |  Vote 0    0

4 high-profile cyberattacks on Canadian networks from this past year



The hacking of Ashley Madison is just the latest in a string of high-profile cyberattacks on Canadian online entities within the last year. Here's a round-up of the most serious to date:

1. Ashley Madison


When: July 2015

Target: Ashley Madison, often referred to as the "cheating website", is a Toronto-based company that offers to facilitate discreet extramarital affairs for a fee

Employees of Ashley Madison's parent company, Avid Life Media, discovered messages on their computers on July 12 warning that client information would be released if the sites AshleyMadison.com and EstablishedMen.com were not taken down. Two fruitless investigations and eight days after the initial warning message, the company announced the hack in a press release.

Reportedly hacked by: A group that identified itself as The Impact Team has claimed responsibility for the attack and release of data.

Fallout: On August 17, the first wave of client information was released. This data leak included the e-mail addresses, home addresses, sexual preferences and payment information for over 30 million uses across the world. A second dump of Ashley Madison data released days later included internal documents and e-mails from the company's CEO, Noel Biderman.

The Toronto Police Service has launched a formal investigation and will be working with domestic partners, the OPP and the RCMP, as well the U.S. Department of Homeland Security and the FBI. Avid Life is offering a $500,000 reward for information leading to an arrest.

A Canadian class action suit has been filed against Avid Life Media for breach of sensitive user information.

Unconfirmed reports have linked two suicides to the Ashley Madison data leak.

2. Canadian government websites

A screen capture shows the website of the Department of Foreign Affairs, Trade and Development on June 17, 2015

When: June 2015

Target: Canadian government

Federal government websites and internal networks were reportedly targeted in retaliation for Bill C-51.

Reportedly hacked by: Actors under the Anonymous banner claimed responsibility for the attack.

Fallout: Directed denial of service (DDoS) attacks on the network shut sites down for hours.

According to Public Safety Minister Steven Blaney, no personal information had been compromised based on the nature of the attack. DDoS attacks aren't known to cause permanent damage to sites, nor harvest information from them.

3. Ontario government websites

A pixilated image of a young boy that was left on the Ontario government website by a hacker on December 12, 2014

When: December 2014

Target: Ontario government websites

Users attempting to access provincial government websites were redirected to a page with the image of a young boy, a message urging readers to follow his Twitter account and an embedded video for M.C. Hammer's "U Can't Touch This".

Reportedly hacked by: No one has claimed responsibility for the attack.

Fallout: Ontario.ca sites were unavailable for a couple hours.

According to Ontario government spokesperson Zita Astravas, a third-party domain routing service that directs traffic to the government sites was hacked, not the sites themselves. It's not believed that any personal information was compromised during the attack.

4. National Research Council

Metro Creative Graphics

When: July 2014

Target: The National Research Council, a federal research agency that partners with several industries to develop technologies with "strategic and economic value" to Canada

The breach was detected by the Communications Security Establishment of Canada (CSEC) in late July 2014.

Reportedly hacked by: The Canadian government issued a statement claiming the attack was perpetrated by "a highly sophisticated Chinese state-sponsored actor." Chinese officials have denied any involvement.

Fallout: The NRC's computer network was shut down temporarily in the wake of the cyberattack.

A case study released in January by the Canadian Cyber Incident Response Centre suggests that the objective of the attack was to steal trade secrets and other intellectual property connected to NRC partners.

Bookmark and Share

(0) Comment

Join The Conversation Sign Up Login

In Your Neighbourhood Today