The government will be spending as much a $100 million to protect its computer systems against cyber attacks.
There is also “a request from inside the government” for extra money in the upcoming 2015 federal budget to back this cyber security strategy, according to a report from the Globe and Mail.
The daily said it got its information from a senior officials who asked not to be identified. The sources said the amount needed for the initiative could go over $100 million spread over several years. The project will involve upgrading the government security system.
The decision to move beyond patching security holes comes after Chinese state-backed hackers broke into the National Research Council’s network in July last year. The national body responsible for business-led technology research the “cyber-intrusion” on its IT infrastructure was detected by the country’s electronic spy agency, the Communications Security Establishment Canada (CSEC). The NRC said the cyber attack was carried out by a “highly sophisticated Chinese state-sponsored actor.”
The NRC had to shut down the system to thwart cyber espionage activities. However, sources told the Globe and Mail that officials knew of the intrusion before they system was shut down. They did this in order to find out what the attackers were doing and how they were going about it.
The amount the government is seeking may look very big but it’s not really a lot of money considering what’s needed to protect the government system, according to Claudiu Popa, a security and privacy adviser to Canadian enterprise organizations, associations and agencies and head of Informatica, a Toronto-based risk assessment and security firm.
“We must consider that security controls come in numerous different shapes and flavours,” he said. “The stated goals of the initiatives have been to add to Canada’s preventive and detective capabilities, but also from a response perspective, to bolster our ability to correct and remediate.”
He said the types of safeguards needed also need to be applied across the nation and over multiple and often disparate systems.
Over the last five years, the government has already devoted more than $240 million to bolster its cyber security capability.
Meanwhile, sources told the Globe that the NRC computer system is currently being rebuilt and broader safeguards are being installed.