The IT infrastructure of the National Research Council of Canada was recently compromised by highly sophisticated Chinese state-sponsored hackers, the Canadian government said Tuesday.
It’s not clear why the government believes that the attackers were state-sponsored, but the breach was discovered and confirmed with help from the Communications Security Establishment, Canada’s foreign signals intelligence agency. The agency is also responsible for securing government communications.
The National Research Council’s computer networks are not part of the Canadian government’s broader network and there is no evidence that data from the larger network was compromised, the Chief Information Officer for the Government of Canada said in a statement. Nevertheless, the research agency’s networks have been isolated as a precaution.
Steps have been taken to contain the security breach and protect information assets, the NRC said in a statement on its own website. An effort was launched to create a new secure IT infrastructure, but the process could take up to one year, the agency said.
The NRC has not releases details about how the attackers broke into its systems or what kind of information they obtained, if any.
The NRC is engaged in various areas of research, including information and communication technologies; human health and medical devices; security technologies; aerospace and automotive technologies; energy; mining; construction and engineering.
“Due to security and confidentiality reasons, further details cannot be released at this time,” the organization said.