#CyberFLASH: Cyberattack at NRC occurred weeks before alert sent out

The federal government was aware a hacker had stolen secret information from the National Research Council last summer for nearly three weeks before it notified stakeholders, employees and the public.

That warning went out on July 29, 2014, a day after news of the hacking incident first broke in the news media.

After the employees were notified, the computer network at the National Research Council was isolated from the rest of government and staff were told not to connect from mobile devices such as laptops.

An amber cyber-flash sent by Public Safety’s Canadian Cyber Incident Response Centre, which is tasked with protecting government departments from cyberattacks, said only that it was aware a Canadian institution “has been compromised in ongoing targeted attacks by highly skilled threat actors, using stolen credentials.”

“The apparent objective of this activity is the theft of intellectual property, trade secrets and other sensitive business information,” the alert added.

According to documents obtained by CBC News through Access to Information, in the three weeks leading up that notification, top officials from NRC, Shared Services, Public Safety and the RCMP met often to talk about priorities in dealing with the cyberattack.

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.