Canadian Government Departments Face Security Breach
Attackers used social engineering and spear phishing to infiltrate the networks of Canadian Government Departments
Attackers also launched spear phishing e-mails targeted at government officials. Government officials were tricked to open a malicious attachment in the e-mail. Under spear phishing attacks, cleverly crafted e-mails are sent to targeted users, which appear to arrive from a peer, a subordinate or a superior. Once a victim downloads an infected document, a malicious code gets executed and attackers gain access to the computer. The attackers may than infiltrate the computer networks and breach classified government documents. Online computer training and e-learning programs may help create cyber security awareness among employees and reduce security breach incidents.
Usually, ethical hacker certified professionals conduct in-depth tests to identify and mitigate weaknesses in the IT infrastructure. In this case, government authorities have not disclosed any details regarding breach of classified information. Cyber security experts in Canada have indicated involvement of China based hackers in the attacks. China has been often blamed by many countries for launching cyber-attacks on key government departments. Attacks are often traced to servers based in China. However, direct involvement of a state in cyber-attacks is very difficult to establish. On the other hand, China has denied any involvement in the cyber-attacks on Canadian government departments and bodies.
Canada has faced several cyber-attacks on government computers and networks. A few months back, the Canadian government had initiated a five year $90 million national cyber security strategy to safeguard government computer systems and networks from cyber-attacks.
Cybercriminals are vibrant and always find ways to penetrate into computer systems and networks.Government must take proactive and consistent steps to prevent cyber-attacks on individual, business and government networks. Adequate investment on IT infrastructure is crucial to strengthen the defenses against intrusion attempts by attackers. Government must also invest in cyber security education and encourage IT employees to undertake security certification courses to meet the future requirements of skilled cyber security personnel.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences.
Tag Words: cyber security, intrude, infiltrate, social engineering, spear phishing, cybercrime, cyber attacks, canada, cyber crime, national cyber security