Canadian armed forces recruitment website hacked, users redirected to Chinese government home page

Hackers hit the Canadian armed forces recruitment website on 17 November. The hacked site was reportedly redirecting users to the official home page of the Chinese government. It is still unclear if the attack compromised users' information in any way.

A spokesperson for the Canadian defence ministry, Ashley Lemire, confirmed the attack, the Guardian reported. Upon discovery of the attack, the site was hurriedly taken down by the armed forces. At the time of writing, the Canadian military recruitment site was still down.

Canadian army spokesperson Daniel Le Bouthillier told Motherboard: "We are aware of the situation and have since taken the site down. We are investigating further and, in the meantime, will not speculate on the motivations or point of origin of the redirection."

Reports speculated that the hackers may have used SQL injection to hack into the site. Yet another theory speculated that the attackers could have hacked the armed forces' site by sending staff a phishing link.

CloudFlare security researcher Jaime Cochran said: "It could just be a simple web vulnerability that allowed the attacker to redirect visitors to [the Chinese government's site]."

In 2014, Canada's government had publicly accused Chinese hackers of having targeted key networks. In 2015, the Canadian military sought to hire hackers in the wake of escalating connected car cyberattacks.

China has previously claimed that it is a "victim rather than a troublemaker" in cyberspace. However, Chinese hackers were suspected in cyberattacks against the government websites of the Philippines and defacing Vietnam's airport websites.

Canada is not the only one to have its government website targeted by hackers. South Korea, Iran and others have also fallen victim to hackers in the past.