The Ottawa Citizen reports that cybercriminals used spearphishing emails to gain access to the Canadian Government’s Finance Department and Treasury Board networks.
The intruders sent emails to high-ranking department officials containing a link to a webpage infected with a sophisticated virus. They also sent infected PDF files that, when opened, unleashed more malicious code to target and download government secrets.
Quoting unnamed government sources, the article says that the cybercriminals were after information about Canada’s potash industry. A January 31, 2011 government memo said, “data has been exfiltrated and that privileged accounts have been compromised.”