Skip to main content

The Globe and Mail

Cyberattack deals crippling blow to Canadian government websites

Screen shot shows the Foreign Affairs, Trade and Development Canada website.

A cyberattack crashed federal government websites and e-mail for nearly two hours Wednesday – an incident that raises questions about how capable Ottawa's computer systems are of withstanding a sustained assault on their security.

The attack began some time after noon ET and individuals purporting to be part of the hackivist group Anonymous later claimed responsibility, saying they were protesting the passage of C-51, anti-terror legislation that gives new powers to intelligence and security agencies.

Over a couple of hours, the e-mail accounts of government employees stopped working and the Canadian government's presence on the Internet temporarily disappeared. Dozens of websites for major federal departments were rendered inaccessible, from Industry, to Natural Resources, to Justice, to Foreign Affairs, Trade and Development.

Story continues below advertisement

It was the most high-profile cyber attack in this country since Chinese state-backed hackers broke into Canada's premier scientific research agency last year. Sources told The Globe earlier this year those hackers were trying to use National Research Council computers as a conduit to reach the rest of the federal government.

The Harper government announced $58-million in the 2015 budget to improve Ottawa's cyber security and guard against future hacking attacks.

During the Wednesday assault, cabinet ministers told Canadians to use the telephone to reach Ottawa.

Some time around 2 p.m. ET, the cyberattack subsided and normal operations resumed.

Treasury Board President Tony Clement said it could have been a lot worse.

"I think our imaginations could think of ways in which it could be worse, but obviously, this is inconvenient for the public and for government, and we don't like to see it happen," Mr. Clement said.

He said Canadian government security officials are analyzing what happened to prevent a recurrence.

Story continues below advertisement

"There's always concern that this is part of a pattern, and I'm sure that our best security people and tech people are working on ways to make sure that that is not a template," or model, for future attacks.

Mr. Clement described what happened as a denial-of-service attack that targeted computer servers for the gc.ca domain – the basis for many Canadian government websites.

During an assault such as this, hackers flood a website with outside requests to communicate, leaving it unable to deal with legitimate Web traffic and liable to shutting down. They often harness a multitude of computers to attack a single target and, in this case, are called distributed denial of service (DDoS) attacks.

Public Safety Minister Steven Blaney insisted that Canadians' personal data were not stolen or released by these attacks.

He vowed Canada will track down those responsible, saying anger at the Anti-terrorism Act, 2015, is no justification.

Massachusetts-based Arbor Networks, a security software company, has amassed some information on what happened.

Story continues below advertisement

Arbor's Security Engineering & Response Team recorded a series of 15 attacks on a single Canadian government Internet Protocol (IP) address between 12:10 p.m. and 2 p.m. ET. The longest sustained assault lasted 54 minutes.

Normally, the flood of traffic for a DDoS attack comes from "botnets" – masses of hacked computers that can be ordered to attack remotely – but the Canada attack did not come from any of the networks known to Arbor's researchers.

The attacking machines came from a wide variety of locations, though four came from an anonymous IP address in Korea, the company said.

Mr. Clement said Ottawa is constantly bombarded by computer attacks. "There are incursions practically every day of every year. Usually, those incursions are unsuccessful … and so we always have to continue to make our sites and our information as impervious to attack as possible. Usually, that works. Sometimes, it doesn't, and today was a day when it didn't work," he said.

On Twitter and on YouTube, individuals claiming to be part of Anonymous took credit for the attacks. "Today, Anons around the world took a stand for your rights," a video said. "We will not allow our freedoms to be stripped one by one."

With reports from Shane Dingman and John Ibbitson

Report an error Licensing Options
About the Author
Parliamentary reporter

Steven Chase has covered federal politics in Ottawa for The Globe since mid-2001, arriving there a few months before 9/11. He previously worked in the paper's Vancouver and Calgary bureaus. Prior to that, he reported on Alberta politics for the Calgary Herald and the Calgary Sun, and on national issues for Alberta Report. More

Comments

The Globe invites you to share your views. Please stay on topic and be respectful to everyone. For more information on our commenting policies and how our community-based moderation works, please read our Community Guidelines and our Terms and Conditions.

We’ve made some technical updates to our commenting software. If you are experiencing any issues posting comments, simply log out and log back in.

Discussion loading… ✨

Combined Shape Created with Sketch.

Combined Shape Created with Sketch.

Thank you!

You are now subscribed to the newsletter at

You can unsubscribe from this newsletter or Globe promotions at any time by clicking the link at the bottom of the newsletter, or by emailing us at privacy@globeandmail.com.