IT Security News and Opinion
Friday May 24th 2013
Auto Discovery Webinar

Chinese Cyber Attack on Canada

Chinese Cyber Attack The Daily Tech reported China’s cyber-attack on Canada in this news story: “China Appears to Have Committed “Unprecedented” Cyber-Attack on Canada”. The article discusses how Canada appears to have become the latest victim of Chinese cyber-aggression. According to The Daily Tech, Canadian Prime Minister, Stephen Harper, released a short statement confirming that the government had encountered an “attempt to access” government information by foreign agents. Government officials would not confirm where that attempt came from or what information may have been stolen.

The Daily Tech article also points out that sources told Canada’s leading news network, CBC, that the attacks were traced to servers in China. It was reported that the attackers used a technique called “executive spear-phishing” to capture control of Canadian government officials’ individual machines via typical infection modes. Apparently, once the attackers had access, they began to send emails from the officials’ computers, asking for passwords to various servers. According to the article, many government officials gave up these passwords as the emails appeared to come from a legitimate source.

The Chinese cyber attack on Canada demonstrates the reason why privileged account passwords should never be shared among employees, or left static and unchanged. In the description of this attack, hackers were able to gain access to sensitive systems via access to these credentials.

My position has always been that access to sensitive systems with root level credentials must always be part of a process that involves multiple sign-offs, limited time access, and extensive logging and alerting of usage. See the Identity Week post on how to fix weak passwords. Unfortunately, many organizations don’t employ automation of privileged identity management (PIM), or implement appropriate auditing or limited time access.

My sincere hope is that the Canadian government will implement the same technology solution used by the US government to protect their national defense systems.  No doubt the Canadian Government either has nothing implemented for privileged identity management, or deployed an inferior and incomplete solution. PIM technology can permanently close this security hole, and stop the public embarrassment and data leakage.

What is your solution to the cyber-attack on Canada? Let me know by commenting below. You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.

FacebookTwitterLinkedInDeliciousTechnorati FavoritesDiggBlogger PostGoogle ReaderShare
Post Published: 28 February 2011
Author: Philip Lieberman
Found in section: Emerging Threats, Latest IT News

Tags: , ,

Previous Topic:
Next Topic:

Leave a Reply


six − 1 =

Follow Us

    Follow us on Twitter            Follow us on LinkedIn

  Visit our YouTube Page              Identity Week RSS Feed
Visit the Lieberman Software Website

Archives

Recent Comments

Tags

Administrator Password Application-to-Application Credentials Application Security Cloud Computing Cloud Security CSO cyber-attacks cyber attack Cyber Security data breach Data Breaches Datacenter Security Data Security default password disaster recovery enterprise security Governance Risk and Compliance hacktivism Identity Management insider threat Insider Threats Internet security IT Audit IT Auditing Compliance Reports IT Marketplace IT Outsourcing IT security IT Security Threats online privacy Password Security PCI-DSS Compliance privileged account credentials privileged account management privileged accounts Privileged Identities privileged identity management regulatory compliance RSA Securing Legacy Applications Security Management SIEM smart card smartphone security stolen credit card Stuxnet