The recent hacking attempt on a sensitive Canadian government computer network bears resemblance to attacks mounted by an elite unit of the Chinese army, a cyber-security expert has suggested.
The attack, revealed early this week targeted Canadian National Research Council (NRC), a leading research body that works with major companies such as aircraft and train maker Bombardier.
Canada’s accusations that the attack has been ordered by Chinese officials were roundly dismissed by Beijing saying no credible evidence of China’s links to the attackers had been presented.
However, cyber-security firm CrowdStrike said the features of the attack were strikingly similar to other attacks previously launched by a Shanghai-based cyber unit of the People's Liberation Army, also known as 'Putter Panda.'
"It certainly looks like one of the actors we track out of China that we've seen going after aircraft manufacturers in the past," said CrowdStrike’s Chief Technology Officer Dmitri Alperovitch.
According to Alperovitch, Putter Panda, or Unit 61486, has thousands of people and conducts intelligence on satellite and aerospace industries, he said.
The recent attack represented the first instance when Canadian authorities openly accused another country of launching a cyber-attack against Canada.
"By making it public, it's a warning shot across the bow, saying 'We treat this stuff very seriously,'" said Gordon Houlden, a former Canadian diplomat who served for years in Beijing and who heads the University of Alberta's China Institute.
China is Canada's second most important trading partner after the United States. Although Canada enjoys good relations with China, which it sees as a promising market for crude, the high-profile nature of the latest target against the NRC may have made it impossible for Ottawa to keep quiet.
The NRC is being forced to set up a new secure computer network which could take up to a year to build.
The Communications Security Establishment, which detected the attack, declined to give further details.
A spokesman said the agency was actively working with the NRC and other government partners "to assess and mitigate this cyber-intrusion event.