Canadian government investigating another hack at Global Affairs

The Canadian government is investigating what could be a major data breach at its foreign affairs department.

CBC News says there is an investigation into what it calls a prolonged data security breach on the internal network of Global Affairs Canada.

At least two internal hard drives, as well as emails, calendars and contacts of many staff members were affected, the news service says.

Some staff have been told they can’t work remotely because of the incident.

One government email to staff, seen by the CBC, says data of any staffer who connected remotely by virtual private network between December 30, 2023 and January 24th is at risk.

“Early results indicate there has been a data breach and that there has been unauthorized access to personal information of users, including employees,” Global Affairs said in a statement to IT World Canada.

“The Department is contacting those affected with mitigation measures to ensure that sensitive and personal information is secure. The incident has also been reported to Canada’s Office of the Privacy Commissioner.”

“An unplanned IT outage is currently affecting remote access to Global Affairs Canada (GAC)’s network in the country. The Department’s critical services and external communication channels remain accessible and operational. This partial outage was intentionally activated on January 24, 2024 to address the discovery of malicious cyber activity. Global Affairs Canada is working with IT partners, including Shared Services Canada and the Canadian Centre for Cyber Security (part of the Communications Security Establishment) to restore full connectivity as soon as possible.”

Shared Services Canada is responsible for consolidating and modernizing certain IT services across federal departments, including email, data centre, and network services.

On-site employee connectivity in government buildings is fully functioning, the Global Affairs statement said, allowing for normal computer/network access. “Employees working remotely in Canada have been provided with workarounds to ensure they remain operational. The Government of Canada deals with ongoing and persistent cyber risks and threats every day. Given its profile, Global Affairs Canada takes a proactive approach and employs a variety of security monitoring measures to detect and address potential risks. The Department is closely monitoring the situation and is conducting an investigation into the matter.

“We cannot comment further at the moment on any specific details for operational and security reasons.”

Global Affairs oversees the government’s foreign policy, and operates Canadian embassies and consulates around the world. Its minister is a member of the cabinet’s Global Affairs and Public Security committee, which not only deals with diplomatic and trade issues, but also threats and risks to the safety and security of the country.

Discovery of the incident comes almost exactly two years after Global Affairs revealed it had been compromised in a cyber attack. At that time, the Treasury Board of Canada Secretariat said the attack was detected on January 19, 2022.

According to The Hill Times, a department investigation after the attack concluded it was “very likely” Global Affairs would face another online threat that would have a “very high” impact.

David Shipley, head of New Brunswick’s Beauceron Security and co-chair of the Canadian Chamber of Commerce’s cyber council, said a key indicator of how serious this breach of security controls is will be how long the Global Affairs network is down. “The last time it happened, two years ago, they had a relatively quick recovery. If it’s a prolonged one [outage] then it’s a more significant compromise. That raises some interesting questions: Did they fully get them [the hackers] out [of the network] two years ago?”

The government needs to publicly explain this breach so other organizations can learn from the incident, he added.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs