The federal government’s cyber experts are investigating a breach of security controls in the office of Governor General Mary Simons.
In a statement Thursday, the Office of the Secretary to the Governor General (OSGG) said someone had “an unauthorized access to its internal network.”
The OSGG is working with the Canadian Centre for Cyber Security, which defends federal IT networks, on the investigation, and took immediate action to strengthen its network, the statement said.
“While the nature and the scope of the breach are still under investigation, the OSGG is continuing its work with experts and pursuing further network improvements as needed. In addition, the OSGG has been in communication with the Office of the Privacy Commissioner in response to this incident.”
The governor general is the official head of state of Canada, while the prime minister is the head of government. As such she would be briefed on government policies. The governor general is also the commander in chief of the armed forces.
The OSGG statement didn’t make it clear how far the access had gotten into the network, how long the attacker was there, or whether the attack accessed data or the email system.
David Swan, an Alberta-based director of the Centre for Strategic Cyberspace and Security Science, said in an email that the Governor General’s Office is an unlikely target for hackers because it controls limited funds, has relatively few people, and would have limited political intelligence. “This infers that the attackers were not a top tier hacking organization, nor a nation sponsored hacking group.”
In an email, an official of the Cyber Security Centre said it isn’t doing interviews on the incident because it is still being investigated. “We are working closely with OSGG to ensure there are robust systems and tools in place to monitor, detect, and investigate potential threats, and to neutralize threats when they occur,” the Centre said in a statement on its website.
“The Government of Canada, like every other government and private sector organization in the world, is subject to ongoing and persistent cyber threats. Cyber threats can result from system or application vulnerabilities, or from deliberate, persistent and targeted attacks by outside actors to gain access to information. We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage.
“We continue to be vigilant in monitoring this situation, and encourage all government and non-government partners to use cyber security best practices.”
