Canadian Nuclear Safety Commission's website attacked

Written by Roberto Preatoni (SyS64738)
Monday, 12 February 2007  
Original

The Canadian Nuclear Safety Commission's website was hacked last week by an unknown attacker who replaced the official  "Media Releases" section with a section named  "security breaches" and there he (or she)  posted a photograph of a nuclear explosion.

The picture was labeled as "for Immediate Release" and it was associated to the caption: "Please dont [sic] put me in jail … oops, I divided by zero."

 The attack provoked astonishment and concern across Canada, because the Canadian Nuclear Safety Commission IT System holds details and sensitive information  about  nuclear activities in Canada and about how to track the movement of high-risk radioactive sealed sources.  

According to Aurèle Gervais, the spokesman of the Commission, the attack will not bring about dangers for National Security since there’s no way anyone could get the access to “potentially dangerous information” without a secure government login. Moreover Mr. Gervais confirmed the attack was carried out on a part of the website run by an external provider with no link to the internal site.

In spite of the fact that an information leak is very unlikely to happen, the Commission is going to undertake deep investigations and it has already asked the Royal Canadian Mounted Police , the national police service, to investigate.

This is the first time such an attack has been held against the Canadian Nuclear Safety Commission, but considering the variety of vulnerabilities discovered every day ,it will be hardly the last one.