# "Canadian Forces recruiting website hacked"



## The Bread Guy (17 Nov 2016)

> The recruiting web page for the Canadian Armed Forces appears to have been hacked Thursday, redirecting users to an official Chinese state page.
> 
> Users visiting forces.ca, which is the main landing page for would-be recruits, were instead getting a page full of information and statements about Chinese government ministers, and their activities, in that country. The site now shows an error message instead.
> 
> ...


More here


----------



## Colin Parkinson (17 Nov 2016)

Let me guess it said – “Join the PLA, we have boots, tents and a spare uniforms”


----------



## dimsum (17 Nov 2016)

Colin P said:
			
		

> Let me guess it said – “Join the PLA, we have boots, tents and a spare uniforms”



:rofl:


----------



## Flavus101 (17 Nov 2016)

Colin P said:
			
		

> Let me guess it said – “Join the PLA, we have boots, tents and a spare uniforms”



...soon to be planes and ships included as well. Maybe even trucks that go off road.


----------



## RedcapCrusader (17 Nov 2016)

I for one welcome our new Zerg... I mean... Chinese Overlords.


----------



## Inspir (18 Nov 2016)

Why is Ralph Goodale chiming in when it's a DND matter?


----------



## dapaterson (18 Nov 2016)

Inspir said:
			
		

> Why is Ralph Goodale chiming in when it's a DND matter?



Security of Government of Canada websites is presumably a public safety issue.


----------



## RedcapCrusader (18 Nov 2016)

Considering how long it was up, there must not be any 24-hour monitoring personnel at CSEC anymore.


----------



## dapaterson (18 Nov 2016)

As a DNS redirect, monitoring might not have caught it - since the actual webserver was never touched.  If your local system uses a DNS cache, until that cache expires, you won't see the problem.


----------



## Inspir (18 Nov 2016)

dapaterson said:
			
		

> Security of Government of Canada websites is presumably a public safety issue.



The security of Government of Canada websites is a Communication Security Establishment issue, therefore a National Defense issue. Nothing really to do with his department. It would be like the MND commenting on a police matter.


----------



## expwor (18 Nov 2016)

From the Public Safety website it looks like this falls under their jurisdiction
https://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/rprt-en.aspx

Tom


----------



## George Wallace (18 Nov 2016)

CSE falls into its own little category.  It is and it isn't.   [


----------



## Haggis (18 Nov 2016)

Inspir said:
			
		

> It would be like the MND commenting on a police matter



Well, he is a former cop and probably more qualified to speak on police matters than Minister Goodale.


----------



## dapaterson (19 Nov 2016)

And the website was never hacked.  It was only a DNS redirect.


----------



## Inspir (19 Nov 2016)

LunchMeat said:
			
		

> Considering how long it was up, there must not be any 24-hour monitoring personnel at CSEC anymore.



It's probably not something high priority to watch. It's not like there is sensitive information on it. Even if you apply it redirects you to a secured server separate of the recruiting website.


----------



## Edward Campbell (19 Nov 2016)

Please look at what CSE does: https://www.cse-cst.gc.ca/en/about-apropos/faq  See also:  "How does CSE defend Canadian networks?" Networks that are open to the general public are not "secured," and it would seem that several organizations, including e.g. the University of Toronto's Citizen Lab have been warning us all, for years, about Chinese hackers. The dilemma for organizations like DND's recruiters is to be open and accessible but not too vulnerable ... it's a tough choice, i guess. (I'm not an IT person.)

CSE is an easily misunderstood part of government, and one which 99.999% of Canadians, including military personnel up to and including the rank of admiral/general, know little and understand less ... and that is how it should be. It is an important "tool" in the national _strategic_ and _operational_ tool-kit and some of you will know that CSE often shares the dirt and danger with you ... but it is not part of the military; while Minister Sajjan answers for it in the House of Commons it is, mainly, a Privy Council Office tool .. and that, too, is as it should be.

_*Caveat lector*_: it has been nearly 20 years since I last walked into the Tilley Building or CFS Leitrim so a lot has changed since I knew a bit about what CSE is and how it works, and that is also how it should be. Don't believe everything much of what you read in the media or on the internet.


----------



## Rifleman62 (19 Nov 2016)

ERC: 





> Don't believe everything much of what you read in the media or on the internet.



Agree, CBC is a fake news outlet.


----------



## RedcapCrusader (19 Nov 2016)

Inspir said:
			
		

> It's probably not something high priority to watch. It's not like there is sensitive information on it. Even if you apply it redirects you to a secured server separate of the recruiting website.



My comment was trying to be tongue-in-cheek, a dig to the government's downplaying on the need and funding for CSIS, CSEC; earlier this year and last year. Oops.


----------



## MarkOttawa (19 Nov 2016)

More from Public Safety Canada (scroll down at link)--alles klar?



> ...
> *Establishing Clear Federal Roles and Responsibilities*
> 
> With a subject as critical as cyber security, there is no room for ambiguity in terms of who does what. This Strategy sets out the required clarity.
> ...



Mark
Ottawa


----------

