Canada said on Tuesday "a highly sophisticated Chinese
state-sponsored actor" had broken into the National Research
Council, a leading body that works with major companies such as
aircraft and train maker Bombardier Inc <BBDb.TO>. Beijing on
Thursday accused Canada of making irresponsible accusations that
lacked credible evidence.
While Canada did not give details of the attack, CrowdStrike Chief
Technology Officer Dmitri Alperovitch said it was similar to other
hacking campaigns launched by a unit of the People's Liberation Army
that his company has nicknamed 'Putter Panda.' The group, Unit
61486, has thousands of people and conducts intelligence on
satellite and aerospace industries, he said.
"It certainly looks like one of the actors we track out of China
that we've seen going after aircraft manufacturers in the past,"
Alperovitch said. CrowdStrike is a California-based security
Ottawa's public complaint was the first time it had ever identified
a suspect in a string of attacks on government and commercial
A former Canadian cabinet minister, Stockwell Day, separately
confirmed for the first time on Thursday that Chinese operators were
suspected of hacking into the Finance Department and the Treasury
Board, a body with overall responsibility for government spending,
The Canadian government has never publicly said who it thought was
behind the 2011 attacks. Day - who had some responsibility for cyber
security when he was in office - said Ottawa suspected those
responsible were Chinese.
China's Foreign Ministry on Friday demanded that Canada "cease
making groundless accusations against China".
"Canada, lacking reliable evidence, has wrongly censured China
without any provocation, and this is an irresponsible action,"
ministry spokesman Qin Gang said, according to the ministry's
website. "China resolutely opposes this."
China is Canada's second most important trading partner after the
United States, and bilateral trade is growing. Total Canada-China
trade was C$69.8 billion in 2012 and $72.9 billion in 2013,
according to official Canadian data.
Although Canada enjoys good relations with China, which it sees as a
promising market for crude, the high-profile nature of the latest
target, the NRC, may have made it impossible for Ottawa to keep
"By making it public, it's a warning shot across the bow, saying 'We
treat this stuff very seriously'," said Gordon Houlden, a former
Canadian diplomat who served for years in Beijing and who heads the
University of Alberta's China Institute.
[to top of second column]
In May, the United States charged five Chinese military officers and
accused them of hacking into American nuclear, metal and solar
companies to steal trade secrets. The officers in that case worked
for PLA Unit 61398.
"All the action on the part of the U.S. government has opened the
flood gates for others to talk," Alperovitch said.
Canadian Prime Minister Stephen Harper's office did not respond to a
request for comment. Officials from Foreign Minister John Baird's
office declined to comment.
John McDougall, president of the National Research Council, told
employees on a conference call on Tuesday that the hackers may have
obtained client information and data.
"We know that any information held in our systems - including
employees' personal information - may have been compromised," he
said in the call, a recording of which was posted on CTV
The NRC is being forced to set up a new secure computer network
which could take up to a year to build.
Day said the NRC network had links to up to 40 other systems.
"If you get inside those cyber walls you are inside the building,"
Day told Reuters, saying that once hackers had gained access they
could "go down other corridors".
The Communications Security Establishment, which detected the
attack, declined to give further details.
A spokesman said the agency was actively working with the NRC and
other government partners "to assess and mitigate this
(Additional reporting by Mark Hosenball in Nwe York, Jim Finkle in
Boston and Megha Rajagopalan in BEIJING; Editing by Tiffany Wu and
[© 2014 Thomson Reuters. All rights
2014 Reuters. All rights reserved. This material may not be
published, broadcast, rewritten or redistributed.