OTTAWA – A hacker was able to gain access to two government computers earlier this year, a breach of security that went unnoticed for days until a “trusted source” notified Shared Services Canada of the intrusion.

A forensic analysis of the two computers from Public Works and Government Services Canada showed no malicious code or “suspicion of infection or compromise,” according to a security report filed after the incident, but IT security workers were working on the firewalls around the network to ensure another hacker didn’t gain unauthorized access.

The hacker was able to get into the computers through a program that allows remote access to a workstation via an Internet connection. The breach began May 31 and was still active on June 7 when the unnamed source told Shared Services Canada about suspicious network activity.

The “brute force” attack on Public Works was one of several successful breaches between May and August, according to reports released to Postmedia News under the access to information law that showed successful cyber-attacks targeted departments and agencies that were previously not breached, including the Immigration and Refugee Board of Canada, which was hit twice in July and once in August.

Story continues below advertisement

Natural Resources Canada had to change its server configuration after internal network information was compromised by a hack.

It’s not clear if any sensitive information was taken.

The Public Works report suggests nothing was removed, but the department wouldn’t say if hackers were able to make off with files or network information. Instead, questions were referred to Public Safety Canada, which wouldn’t say Friday whether any information was leaked, saying the government wouldn’t comment on “specific threats for security reasons.”

The number of successful breaches shown in the reports is a minor portion of the overall number of threats government systems face daily. However, IT-related incidents are a continuing problem for governments, as more powerful detection tools and awareness show the government’s networks are not immune from a successful hack.

“We don’t know how to make perfectly secure systems,” said Anil Somayaji from Carleton University’s Computer Security Lab. “In designing systems to deal with this, we have to say its going to break … and are you willing to live with the consequences? If not, don’t build it.”

Each affected department hardened its security following the breach, according to the reports.

For instance, the Immigration and Refugee Board of Canada expected to take two weeks to patch over vulnerabilities in its network after a “potentially dangerous request” from an IP address helped take down two of the board’s webpages that were key to navigating its website. Visitors to the site on July 13 would not have been able to get past the board’s welcome page during the attack.

Story continues below advertisement

“Although no system information was taken, and no external individual (hacker) was able to obtain admin access to our servers, IRB made the decision to harden our current IT architecture,” reads the board’s report, which, like other pages released, was heavily redacted for security reasons.

The board said it wouldn’t comment on the breaches or any programs, such as educational materials for staff, enacted in the wake of the breach, citing security reasons.

Human Resources and Skills Development Canada also had a cyber-incident of another kind. Rather than having information removed from the network, a “hostile source host IP” spammed a department inbox with thousands of emails. After 26 hours of emails, which amounted to a denial-of-service attack, according to the incident report, the recipient of the messages was left with more than 3,900 messages to review.

An internal Environment Canada briefing note said that IT security incidents have risen “following the implementation of more powerful detection tools.” Environment Canada has met with the country’s cyber spy agency, CSEC, to determine how better to protect its systems, and invoked new security measures for staff, including a monthly “active awareness program” to alert staff about cyber-security standards and limited the number of laptop and desktop computers with administrative privileges after a number of laptops were stolen in the past year.

– With a file from Mike De Souza, Postmedia News