Canada’s Top R&D Organization Hacked by Chinese State-Sponsored Actor

July 29, 2014 7:51 pm Last Updated: July 31, 2014 11:46 pm

OTTAWA, Canada—Canada’s flagship research organization is rebuilding its computer network after it was breached by what the government is calling a highly sophisticated Chinese state-sponsored actor.

The National Research Council issued a statement Tuesday that a cyberintrusion prompted it to “create a new secure IT infrastructure,” an effort that could take a year to complete.

Sources at the NRC told CTV, Canada’s largest TV station, that Chinese hackers had been assailing the NRC for a month.

A representative for the Chinese Embassy denied the claims, calling them “groundless,” and saying the Chinese regime “has always [been] firmly opposed to and combated cyberattacks in accordance with the law.”

The NRC works within a wide spectrum of industries, including aerospace, pharmaceuticals, nanotechnology, security, and IT.

The attacks forced the research organization to do a complete computer shut down to prevent the hackers from stealing sensitive information.

The statement said that due to security issues, no further details will be provided, though an update can be expected Thursday.

Canada’s IT Infrastructure

Chinese hackers made headlines in Canada in 2011 when they successfully broke into computers of several critical federal departments and accessed classified information. Two of those departments were forced off the Internet.

Canada’s federal government has already been overhauling its IT infrastructure for all federal departments and agencies in an effort to better secure networks from hackers. This latest breach raises questions about the effectiveness of that effort.

One of those departments, the Treasury Board, also issued a statement on the recent attacks, saying it has a robust system to detect and investigate threats.

The board also suggested the breach was not indicative of problems with the new federal IT infrastructure, saying the NRC was not within the broader government of Canada network.

“We have no evidence that data compromises have occurred on the broader Government of Canada network,” read the statement.