Responses to cyber threats in Canada have been slow and deficient, according to a report by the federal Auditor General. The report cited the part time IT support in Toronto limited monitoring of the nation's computer infrastructure security system. Bad communication was also cited as a weakness. Limited progress in patching security cracks in Canada's information technology network has been made. A cyber attack hit and damaged the Treasury Board and the Finance Department in 2011, according to Auditor General Michael Ferguson.
Blaming poor monitoring of threats, Ferguson, noted that the Cyber Incident Response Center is still not operating seven days a week, 24 hours a day as it was meant to function, when setting up the center seven years ago. A restriction on hours for IT support in Toronto can cause operation delays in detecting of emerging threats and sharing of information among the stakeholders.
This report appears almost two years after the government being forced to close Internet access in key departments after servers that were linked to China gained access to the Treasury Board and Finance computer systems. Connected with trying to gather data, the January 2011 attack concerned an impending takeover of the world's largest fertilizer producer, Potash Corp of Saskatchewan.
Opposition Liberals used the report as proof the government has not prepared enough to shore up security following the 2011 incident. Liberal leader Bob Rae stated that bankers' hours are not kept by cyber criminals and wonders why the Canadian government should keep those hours while the cyber criminals are on the job 24 hours a day.
According to Prime Minister Stephen Harper, his government has acknowledged the report recommendations and will spend more on improving security with IT support in Toronto. Harper stated that the general conclusion of the Auditor is that the government made progress in securing systems and in enhancing communications. It also has made progress in building partnerships with the owners and the critical infrastructure operations, but states that there is more work that must be completed.
Investments are continuing to deal with these problems. Canada is attempting to shore up protection for the infrastructure and IT support in Toronto. The annual report from the federal spending regulator is the first audit of the government's cyber-security strategy launched in 2010. According to this report, the government will spend another 13.2 million dollars over the next five years to increase monitoring at the response center to seven days a week and 15 hours a day.