• Thanks for stopping by. Logging in to a registered account will remove all generic ads. Please reach out with any questions or concerns.

"Canadian Forces recruiting website hacked"

The Bread Guy

The Bread Guy

Moderator
Staff member
Directing Staff
Subscriber
Donor
Reaction score
6,848
Points
1,260
The recruiting web page for the Canadian Armed Forces appears to have been hacked Thursday, redirecting users to an official Chinese state page.

Users visiting forces.ca, which is the main landing page for would-be recruits, were instead getting a page full of information and statements about Chinese government ministers, and their activities, in that country. The site now shows an error message instead.

It is unclear who is responsible for the attack.

A spokesman for the Department of National Defence told CBC News they are aware of the situation but have no comment at this time.

"This is a serious matter," Public Safety Minister Ralph Goodale told reporters Thursday after question period. "We don't want to jump to conclusions, but when something of this nature happens ... we treat it with real gravity, and we'll investigate it. That process is underway right now."

He said it was not yet clear if any personal information has been compromised by the hack.

"It's very early in the going to get into any details," he said ...
Click to expand...
More here
 
Let me guess it said – “Join the PLA, we have boots, tents and a spare uniforms”
 
Colin P said:
Let me guess it said – “Join the PLA, we have boots, tents and a spare uniforms”
Click to expand...

...soon to be planes and ships included as well. Maybe even trucks that go off road.
 
Inspir said:
Why is Ralph Goodale chiming in when it's a DND matter?
Click to expand...

Security of Government of Canada websites is presumably a public safety issue.
 
Considering how long it was up, there must not be any 24-hour monitoring personnel at CSEC anymore.
 
As a DNS redirect, monitoring might not have caught it - since the actual webserver was never touched.  If your local system uses a DNS cache, until that cache expires, you won't see the problem.

 
dapaterson said:
Security of Government of Canada websites is presumably a public safety issue.
Click to expand...

The security of Government of Canada websites is a Communication Security Establishment issue, therefore a National Defense issue. Nothing really to do with his department. It would be like the MND commenting on a police matter.
 
From the Public Safety website it looks like this falls under their jurisdiction
https://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/rprt-en.aspx

Tom
 
Inspir said:
It would be like the MND commenting on a police matter
Click to expand...

Well, he is a former cop and probably more qualified to speak on police matters than Minister Goodale.
 
And the website was never hacked.  It was only a DNS redirect.
 
LunchMeat said:
Considering how long it was up, there must not be any 24-hour monitoring personnel at CSEC anymore.
Click to expand...

It's probably not something high priority to watch. It's not like there is sensitive information on it. Even if you apply it redirects you to a secured server separate of the recruiting website.
 
Please look at what CSE does: https://www.cse-cst.gc.ca/en/about-apropos/faq  See also: "How does CSE defend Canadian networks?" Networks that are open to the general public are not "secured," and it would seem that several organizations, including e.g. the University of Toronto's Citizen Lab have been warning us all, for years, about Chinese hackers. The dilemma for organizations like DND's recruiters is to be open and accessible but not too vulnerable ... it's a tough choice, i guess. (I'm not an IT person.)

CSE is an easily misunderstood part of government, and one which 99.999% of Canadians, including military personnel up to and including the rank of admiral/general, know little and understand less ... and that is how it should be. It is an important "tool" in the national strategic and operational tool-kit and some of you will know that CSE often shares the dirt and danger with you ... but it is not part of the military; while Minister Sajjan answers for it in the House of Commons it is, mainly, a Privy Council Office tool .. and that, too, is as it should be.

Caveat lector: it has been nearly 20 years since I last walked into the Tilley Building or CFS Leitrim so a lot has changed since I knew a bit about what CSE is and how it works, and that is also how it should be. Don't believe everything much of what you read in the media or on the internet.
 
Inspir said:
It's probably not something high priority to watch. It's not like there is sensitive information on it. Even if you apply it redirects you to a secured server separate of the recruiting website.
Click to expand...

My comment was trying to be tongue-in-cheek, a dig to the government's downplaying on the need and funding for CSIS, CSEC; earlier this year and last year. Oops.
 
More from Public Safety Canada (scroll down at link)--alles klar?

...
Establishing Clear Federal Roles and Responsibilities

With a subject as critical as cyber security, there is no room for ambiguity in terms of who does what. This Strategy sets out the required clarity.

Public Safety Canada will coordinate implementation of the Strategy. It will design a whole-of-Government approach to reporting on the implementation of the Strategy. It will provide central coordination for assessing emerging complex threats and developing and promoting comprehensive, coordinated approaches to address risks within the Government and across Canada. Within Public Safety Canada, the Canadian Cyber Incident Response Centre will continue to be the focal point for monitoring and providing advice on mitigating cyber threats, and directing the national response to any cyber security incident. Public Safety Canada will also lead public awareness and outreach activities to inform Canadians of the potential risks they face and the actions they can take to protect themselves and their families in cyberspace.

The Communications Security Establishment Canada has internationally recognized expertise in dealing with cyber threats and attacks. With its unique mandate and knowledge, the Communications Security Establishment Canada will enhance its capacity to detect and discover threats, provide foreign intelligence and cyber security services, and respond to cyber threats and attacks against Government networks and information technology systems...
https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/cbr-scrt-strtgy/index-en.aspx
Click to expand...

Mark
Ottawa
 
You must log in or register to reply here.

Similar threads

paalerik
  • Locked
job with the CAF ?
Replies
12
Views
13K
Harris
Harris
shawn5o
Trudeau invited Chinese troops to train at Canadian military bases
2 3
Replies
53
Views
46K
Furniture
Furniture
E
DND Accused of Using Pandemic to Withhold Info- Broad Topic of Clerks+Per File
2 3
Replies
42
Views
49K
BeyondTheNow
BeyondTheNow
OceanBonfire
Former Canadian Forces officer sues federal government over mistaken identity...
Replies
16
Views
23K
Weinie
Weinie
OceanBonfire
Canada nearly lost 2018 UN mission because it didn't have enough women in uni...
Replies
7
Views
17K
Ralph
R
Back
Top