Sask. government computers attacked millions of times last year

The province says its computer network withstood millions of cyberattacks last year.

Defences keep cybercriminals at bay

Crystal Zorn is the head of information security for the province. (CBC)

Saskatchewan government officials said they beat back millions of cyberattacks against the provincial computer system last year. 

The province has 15,000 computers in its network. The information stored in the system ranges from health and financial data to sensitive reports.

The province is cautious about talking about the attacks because technology is evolving rapidly and it doesn’t want to tip its hand to the attackers. 

The Ministry of Central Services oversees computer security. Crystal Zorn is the head of information security. 

"The types of tools that cybercriminals use to target systems often are very common day, and the types of things you see on your own home computer," Zorn said. 

She said the province focuses on employee education, training and awareness to combat these attacks. 

Terry Roebuck is a retired computer security expert who spent decades keeping information secure at the University of Saskatchewan. He says there are two broad categories of cyberattack. 

"One type of attacker is somebody who targeted a specific system, that is I want to break into this particular system for this particular reason," Roebuck explained. "That person has an idea what the perimeter of the system is like." 

He went on to describe a computer attack that could be called "non-directed".

"That doesn't mean there's not a human involved," Roebuck said, "but it could also be an automated system."

The hackers behind these attacks are scanning the internet, looking for vulnerable spots.

"Usually in this case somebody has come across a weakness in a computer system, they're scanning vast parts of the internet looking for any computer that responds to that weakness, and they attack that computer," he said. 

The more troublesome attacks are the directed attacks, Roebuck said, where somebody is looking for specific information from a specific place. 

In that scenario, cybercriminals will often use information available through social networking sites and then cross-reference it with staff lists. 

"[They] look at who works there, understand what they do in their spare time, what their names are, what their spouses names are, what their children's names are, who they communicate with, a lot of which I can find out through the internet, a lot of webpages provide quite a lot of information that later can be used to get that kind of background data on a site," Roebuck said. 

"And then I can start sending directed emails," he said. "A favourite example of mine might be to send a message to somebody working in the system saying look at this great picture of your kid on second base, what a wonderful catch. And of course the person clicks on the picture and nothing happens and they think, hmm, bad picture, it didn't come through and they forget about it totally. But that one click will be enough to compromise their computer system, which gives the attacker an opportunity now to be inside the main security perimeter and attack other systems." 

The province's expert, Zorn, said she’s not aware of any security breaches, or of anyone who has ever been prosecuted for hacking into a provincial government computer system.