Several Canadian government websites and government employee email servers were taken down in an attack that lasted several hours, raising questions on just how capable the computer infrastructure at the nation’s capital Ottawa is in withstanding such concentrated, sustained cyber-attacks, the Globe and Mail reported.
Lasting a couple of hours after noon Eastern Canadian Time, Canadian government websites disappeared from the internet and e-mail accounts of employees in the government stopped working completely. The websites taken down added up to the dozens, with federal department websites in Industry, Justice, Foreign Affairs, Trade and Development, Natural Resources and more were completely inaccessible for the entire duration of the attack.
A hacktivist attack
Hacktivist group Anonymous claimed responsibility for the attacks in a video, stating that the taking down of Canadian websites was in protest to a new anti-terror legislation called C-51, that grants new enhanced powers to intelligence gathering entities and security agencies.
The Globe reports that this is the single most high-profile attack targeting Canada since Chinese hackers, backed by the state infiltrated Canada’s Premier Scientific Research Agency in 2014. The Globe also notes sources who alleged that hackers targeted computers at the Research agency in order to gain access to the rest of the Canadian Federal government.
The fallout from the attack
The cyberattacks cooled and subsided after 2 PM ET and normal operations resumed with websites back up and running along with email servers used by government employees. While the two hour attack is certain to send alarm bells ringing, it could’ve been a lot worse, according to Tony Clement, the Treasury Board President.
“I think our imaginations could think of ways in which it could be worse, but obviously, this is inconvenient for the public and for government, and we don’t like to see it happen,” Mr. Clement said.
“There’s always concern that this is part of a pattern, and I’m sure that our best security people and tech people are working on ways to make sure that that is not a template,” or model, for future attacks,” he added, likely alluding to threat assessment tests that are certain to be looked into and carried out by security researchers working to avoid such attacks in the future.
He also added that the attack was a DDoS (Distributed Denial of Service) attack which led to the crippling of government websites, wherein a large number of pings or outside requests seeking to communicate with the website’s servers brings the entire website down due to the sheer volume of relentless requests aimed at the website.
While websites and email servers were brought down, Public Safety Minister Steven Blaney assured Canadians that no personal data was breached, stolen or released in any form as a result of these attacks.