#CyberFLASH: Iranian Hackers Infiltrated a Canadian Government System

Cyber_security_KPI_shutterstock_114785992_ResizeThe Canadian Center for Occupational Health and Safety (CCOHS), which is under the umbrella of the Ministry of Labor, had its network compromised along with accounts and password information leading up to April 2013. The attacks — which were part of a wider cyber offensive dubbed ‘Operation Cleaver’ — have gone unreported until now. This is the first time Canadian authorities have publicly acknowledged the government network was, in fact, hacked as a result of alleged Iranian-born operations.

CCOHS — responsible for maintaining the health and safety of government workplaces and advising agencies on how best to deal with pandemics — says it implemented proactive measures since the hack and has not been attacked since.

“CCOHS has enforced stricter security rules on our firewall, patched all servers, changed passwords, and reconfigured our network for greater segmentation,” communications director Lynda Brown told VICE News in an emailed statement. Asked specifically about the Iranian hack, she said that no “critical information was taken and the compromised computers did not contain any critical or sensitive information.”

According to Brown, the accounts and password information had stale network data and was not exploitable. At the time of the hack, CCOHS says it was not connected to the government of Canada’s Secure Channel Network, which was almost certainly the target of the attackers, in order to launch wider compromises of government assets.

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.