Hacking attack in Canada bears signs of Chinese army unit: expert
By David Ljunggren and Alastair Sharp
OTTAWA/TORONTO (Reuters) - The recent hacking attempt on a sensitive Canadian government computer network is similar to attacks mounted by an elite unit of the Chinese army based in Shanghai, according to a cybersecurity expert.
Canada said on Tuesday "a highly sophisticated Chinese state-sponsored actor" had broken into the National Research Council, a leading body that works with major companies such as aircraft and train maker Bombardier Inc (BBDb.TO: Quote). Beijing on Thursday accused Canada of making irresponsible accusations that lacked credible evidence.
While Canada did not give details of the attack, CrowdStrike Chief Technology Officer Dmitri Alperovitch said it was similar to other hacking campaigns launched by a unit of the People's Liberation Army that his company has nicknamed 'Putter Panda.' The group, Unit 61486, has thousands of people and conducts intelligence on satellite and aerospace industries, he said.
"It certainly looks like one of the actors we track out of China that we've seen going after aircraft manufacturers in the past," Alperovitch said. CrowdStrike is a California-based security technology company.
Ottawa's public complaint was the first time it had ever identified a suspect in a string of attacks on government and commercial computers.
A former Canadian cabinet minister, Stockwell Day, separately confirmed for the first time on Thursday that Chinese operators were suspected of hacking into the Finance Department and the Treasury Board, a body with overall responsibility for government spending, in 2011.
The Canadian government has never publicly said who it thought was behind the 2011 attacks. Day - who had some responsibility for cyber security when he was in office - said Ottawa suspected those responsible were Chinese.
China's Foreign Ministry on Friday demanded that Canada "cease making groundless accusations against China". Continued...