Table of contents
- Appearance details
- Committee information and potential questions
- CSE issue notes
- Top cybersecurity points
- Russian invasion of Ukraine and Russian cyber threats to Canada
- Cyber security and cyber incidents
- Protecting Canada’s telecommunications systems
- Arctic defence and sovereignty
- CSE recruitment and retention
- Review and oversight of CSE’s activities
- Foreign interference and cyber threats to democratic process
- Privacy and spyware technology
- Critical Cyber Systems Protection Act (CCSPA)
- Additional background documents
Appearance details
Date: Thursday, October 6, 2022
Location: Wellington building
Time: 11:00 am – 12:00 pm
Appearing:
- Caroline Xavier, Chief, Communications Security Establishment
- Sami Khoury, Head, Canadian Centre for Cyber Security
- General Eyre, Chief, Defence Staff of Canada
- Bob Auchterlonie, Commander, Canadian Joint Operations Command
- MGen Wright, Commander, Canadian Forces Intelligence
Details: Invited to appear as a part of a panel of witnesses in review of SECU’s study on the Assessment of Canada’s Security Posture in Relation to Russia.
Opening Remarks
Hello/Bonjour. Thank you, Mr. Chair, and members of the Committee, for the invitation to appear today to discuss Canada’s Security Posture in Relation to Russia.
My name is Caroline Xavier, my pronouns are she/her/elle, and I am the new Chief of the Communications Security Establishment, known as CSE. I’m joined today by Sami Khoury Head of CSE’s Canadian Centre for Cyber Security, which you may have heard referred to as the ‘Cyber Centre’.
I am pleased to join the committee, and I would like to take a moment to acknowledge that the land from which I'm joining you today is the traditional unceded territory of the Algonquin Anishinaabe nation. I’d also like to express my deepest gratitude for attending my first committee appearance as Chief of CSE.
Je vais vous présenter une brève mise à jour sur le rôle du CST pour assurer la posture de cybersécurité du Canada par rapport à la Russie, et vous donner de l’information sur les récentes activités du CST pour protéger les Canadiens contre ces menaces.
Cyber Threat Landscape
CSE, reporting to the Minister of National Defence, is one of Canada's key security and intelligence agencies.
The Communications Security Establishment Act, or CSE Act, sets out five aspects of our mandate: cyber security and information assurance; foreign intelligence; defensive cyber operations; active cyber operations; and technical and operation assistance.
As part of this mandate, CSE is the country’s lead technical authority for cybersecurity.
Le Centre canadien pour la cybersécurité est un secteur au sein du CST et un centre d’expertise unique pour toutes les questions techniques et opérationnelles en matière de cybersécurité.
I will now provide a brief breakdown of the key findings regarding the current cyber threat landscape, particularly as it relates to Russia. I should note that CSE has issued four bulletins about Russian-backed activities this year, focused on threats to cybersecurity and on disinformation.
Tout d’abord, voici quelques cybermenaces auxquelles le Canada doit faire face à l’heure actuelle. Nous présentons ces menaces plus en détail dans notre Évaluation des cybermenaces nationales que je vous encourage à consulter pour avoir une meilleure compréhension du contexte des menaces.
In that assessment we highlighted that cybercrime is the most prevalent and most pervasive threat to Canadians and Canadian businesses.
Cybercriminals trying to probe Canadian systems have been found in Russia, China, and Iran, among others. These actors use various techniques such as ransomware, theft of personal data, and online fraud. Critical infrastructure operators and large enterprises are some of the most lucrative targets.
While cybercrime is the most likely threat to impact the average Canadian, the state-sponsored cyber programs of China, North Korea, Iran, and Russia, pose the greatest strategic threat to Canada.
Foreign cyber threat activities, including Russian-backed actors, are attempting to target Canadian critical infrastructure network operators, as well as their operational and information technology.
La Russie possède d’importantes cybercapacités et a montré dans le passé qu’elle pouvait les utiliser à mauvais escient. On pense notamment à la cybercompromission de SolarWinds, les perturbations visant les efforts d’élaboration d’un vaccin contre la COVID-19, les menaces contre le processus démocratique en Géorgie et le maliciel NotPetya.
Besides Russian-backed challenges to Canadian cybersecurity, as I have noted Russian disinformation campaigns also threaten Canada and Canadians.
In July of this year CSE noted that it had continued to observe numerous Russia-backed disinformation campaigns online, aimed at supporting Russia’s brutal and unjustifiable invasion of Ukraine
SIGINT/Foreign Intelligence
Maintenant que je vous ai présenté les principales tendances et menaces, je vais vous donner un aperçu des façons dont le mandat du CST nous aide à résoudre ces problèmes. Le CST possède des capacités techniques et opérationnelles uniques qui lui permettent d’intervenir lorsque surviennent divers types de menaces contre le Canada, notamment les auteurs de menaces d’États hostiles
CSE’s foreign signals intelligence program provides sophisticated capabilities which allows us to access, process, decrypt, and report on current and emerging cyber threats. We use this information to then brief and disseminate to government.
Le renseignement étranger que le CST recueille nous permet de transmettre cette information non seulement aux propriétaires et exploitants de l’infrastructure essentielle au Canada, mais aussi à nos alliés, à nos partenaires de l’OTAN et à l’Ukraine.
Having this information ahead of any materialized threat allows them to proactively protect and defend their systems.
The CSE Act further enables us to provide technical and operational assistance to federal law enforcement, security and defence partners including the Department of National Defence (DND), Canadian Armed Forces (CAF), the Royal Canadian Mounted Police (RCMP), and the Canadian Security Intelligence Service (CSIS).
This means that CSE is authorized to assist the CAF in support of government-authorized military missions, such as Operation UNIFIER. This support includes intelligence sharing and cyber security.
L’un des principaux rôles du CST est d’informer le gouvernement au sujet d’activités d’entités étrangères qui menacent le Canada ou ses alliés. Parmi ces menaces, il y a les cybermenaces étrangères, l’espionnage, le terrorisme et même les campagnes de désinformation.
For example, since the Russian invasion of Ukraine began, we have observed numerous Russian-backed disinformation campaigns online, designed to discredit and spread disinformation about NATO allies, as well as false narratives about Canada’s involvement in the Russia-Ukraine conflict.
Par exemple, les médias contrôlés ont reçu l’ordre d’inclure des images trafiquées de membres des Forces canadiennes en première ligne et de fausses allégations selon lesquelles les Forces canadiennes commettent des crimes de guerre.
We shared this information on Twitter as part of the Government of Canada’s efforts to help inform Canadians on how to help stop the spread and protect themselves from disinformation.
We will continue to work closely with our Five Eyes partners, as well as harness all our expertise to confidently ensure Canada’s resiliency against threats in terms of cybersecurity or disinformation.
Conclusion
Malgré le niveau de sophistication toujours plus élevé de la désinformation et des auteurs de cybermenace de la Russie, je peux vous assurer que nous travaillons sans relâche pour relever la barre en matière de cybersécurité au Canada et pour protéger tous les Canadiens contre ces menaces émergentes.
We have the necessary expertise in place to monitor, detect, and investigate potential threats, and we are developing further capabilities and capacities to take active measures to protect, deter, and defend against them.
Nous continuons également de publier des avis et des conseils qui permettent aux Canadiens et aux entreprises canadiennes d’améliorer leurs pratiques en matière de cybersécurité.
And we will continue to collaborate closely with our FVEYS and NATO allies to protect the critical infrastructure, economies and democratic systems of our countries.
With that, I thank you for the opportunity to appear before you today and I look forward to answering any questions you may have.
Committee membership and profiles
Committee membership and profiles
- Ron Mckinnon, Chair LPC (Coquitlam-Port Coquitlam, BC)
- Raquel Dancho, Vice-Chair, CPC (Kildonan – St. Paul, MB)
- Kristina Michaud, Vice-Chair, BQ (Avignon–La Mitis–Matane–Matapédia, QC)
- Paul Chiang, LPC (Markham – Unionville, ON)
- Pam Damoff, LPC (Oakville North – Burlington, ON)
- Dane Lloyd, CPC (Sturgeon River – Parkland, AB)
- Alistair Macgregor, NDP (Cowichen-Malahat-Langford, BC)
- Tony Van Bynen, LPC (New Market-Aurora, ON)
- Taleeb Noormohamed, LPC (Vancouver - Granville, BC)
- Doug Shipley, CPC (Barrie – Springwater – Oro-Medonte, ON)
- Tako Van Popta, CPC (Langley-Aldergrove, BC)
- Peter Schiefke, LPC (Vaudreuil – Soulanges, QC)
Ron Mckinnon, Chair LPC (Coquitlam-Port Coquitlam, BC)
Election to the House of Commons
- First elected in 2015
Professional background
- Obtained a Bachelor of Science from the University of Alberta
- Honours diploma in Computer Technology from Southern Alberta Institute of Technology
- Former business owner and computer systems analyst
- Worked as a meteorological technician for Environment Canada’s Atmospheric Environment Service
Committee membership
- Member of the Standing Committee on Public Safety and National Security (2021-)
- Member of the Standing Committee on Science and Research (2021-)
- Chair of the House Standing Committee on Health (HESA) since 2020 (Member since 2016)
- Chair of the Subcommittee on Agenda and Procedure of the Standing Committee on Health (Member since 2018)
- Member of the Liaison Committee since 2020
- Member of the House Standing Committee on Justice and Human Rights (2017-2019)
Political and parliamentary roles
- Member of the Canada-Africa Parliamentary Association, Canada-China Legislative Association, Canada-Europe Parliamentary Association, Canada-France Interparliamentary Association, Canadian NATO Parliamentary Association, Canada-United Kingdom interparliamentary Association, Canadian delegation to the Organization for Security and Cooperation in Europe Parliamentary Assembly (2020)
Points of interest to CSE
- NIL
Other interests
- Justice, health ethics, responding to the opioid crisis (introduced the Good Samaritan Drug Overdose Act), national pharmacare, LGBTQ2+
Raquel Dancho, Vice-Chair, CPC (Kildonan – St. Paul, MB)
Election to the House of Commons
- First elected in 2019
Professional background
- Studied at McGill University with a BA in Political Science
- Policy analyst with the Office of the Official Opposition, PC Caucus (2014-2016)
- Executive Assistant to the Minister of Sustainable Development for the Government of Manitoba (2016-2017)
- Special Assistant to the Hon. Cathy Cox, Minister of Sport, Culture and Heritage for the Government of Manitoba (2017-2019)
Committee membership
- Vice-Chair of the Public Safety and National Security Committee (2021-)
- Vice-Chair of the Human Resources, Skills and Social Development and the Status of Persons with Disabilities Committee (2021)
- Member of the Subcommittee on Agenda and Procedure of the Standing Committee on Human Resources, Skills and Social Development and the Status of Persons with Disabilities (2021)
- Vice-Chair of the Citizenship and Immigration Committee (2020-2021)
- Member of the Subcommittee on Agenda and Procedure of the Standing Committee on Citizenship and Immigration (2020-2021)
- Member of the Standing Committee on the Status of Women (2020)
Political and parliamentary roles
- Shadow Minister for Public Safety (2021-)
- Shadow Cabinet Minister for Future Workforce Development and Disability Inclusion (2021)
- Shadow Cabinet Minister for Immigration, Refugees and Citizenship (2020-2021)
- Shadow Cabinet Minister for Diversity and Inclusion and Youth (2019-2020)
Points of interest to CSE
- On May 28, 2021, during Question Period: Interest in research security in relation to the two Canadian scientists at the National Microbiology Laboratory who were fired due to the suspected sharing of confidential information with the Chinese Communist Regime.
- On November 16, 2020, during a House debate: “We know that because of the Communist Party of China, individuals representing this party in Canada have been engaged in vigorous campaigns of intimidations, threats and coercion against pro-democracy Chinese Canadians, and Chinese and Hong Kong nationals living in Canada.”
Other interests
- Military justice system, small businesses, women’s rights
Kristina Michaud , Vice-Chair, BQ (Avignon–La Mitis–Matane–Matapédia, QC)
Election to the House of Commons
- First elected in 2019
Professional background
- M.A. International Affairs, Laval University
- Political Advisor for the leader of the Parti Québécois before running for MP
Committee membership
- Vice-Chair of the Standing Committee on Public Safety and National Security (2020-)
- Member of the Subcommittee on Agenda and Procedures of the Standing Committee on Public Safety and National Security (2020-)
Political and parliamentary roles
- Previous member of the Canada-Europe Parliamentary Association; Canadian Delegation to the Organization for Security and Co-operation in Europe Parliamentary Assembly; Canada-Italy Interparliamentary Group; Canadian Branch of the Commonwealth Parliamentary Association; and Canadian Branch of the Assemblee parlementaire de la Francophone; the Canada-Africa Parliamentary Association; Member of the Canada-China Legislative Association; Member of the Canada-Europe Parliamentary Association; Member of the Canadian NATO Parliamentary Association and several others.
Points of interest to CSE
- On May 5, 2021 during a National Security and Intelligence Committee of Parliamentarians appearance: Interest in cyber attacks engaged by Russia and China, including information theft and disinformation campaigns. Also interest in European Medicines Agency confirming that confidential emails were stolen and posted on the Russian dark web.
- Also, on May 5, 2021: “You always talk about terrorism as the number one threat. You also talk about cyber threats, espionage and foreign interference, which are growing issues. Do you see these issues as a new form of terrorism? I’m thinking in particular of cyber threats, the situation on social media, and foreign interference with intellectual property.”
Other interests
- Illegal firearms and gun violence, climate change, youth political involvement, Indigenous Peoples, mental health
Paul Chiang, LPC (Markham – Unionville, ON)
Election to the House of Commons
- Elected in 2021
Professional background
- Served as a York Regional Police Sergeant, with distinction, for 28 years
- Sergeant of the Diversity and Cultural Resources Unit
- Received the Police Exemplary Service medal for his service to the community and was nominated by the City of Markham as the recipient of the queen Diamond Jubilee medal
Committee membership
- Member of the Public Safety and National Security Committee (2021-)
Political and parliamentary roles
- Parliamentary Secretary to the Minister of Housing and Diversity and Inclusion (2021-)
Points of interest to CSE
- NIL
Other interests
- Law enforcement, global food insecurity, diversity and inclusion
Pam Damoff, LPC (Oakville North – Burlington, ON)
Election to the House of Commons
- Elected in 2015
Professional background
- B.A., University of Western Ontario
- Worked in financial and investment banking
- Oakville City Councillor, 2010-2015
Committee membership
- Member of the Standing Committee on Afghanistan (2021-)
- Member of the Standing Committee on Public Safety and National Security (2016-)
- Member of the Subcommittee on Agenda and Procedure of the Standing Committee on Public Safety and National Security (2020-2021)
- Former Vice-Chair of the Standing Committee on the Status of Women (2016-2019)
- Non-voting member on the Standing Committee on Health (2019)
Political and parliamentary roles
- Parliamentary Secretary to the Minister of Public Safety (2021-)
- Parliamentary Secretary to the Minister of Indigenous Services (2019-2021)
- Former Parliamentary Secretary to the Minister of Health (2019)
- Member of the Canada-China, Canada-United States, Canada-Africa, Canada-Europe Inter-parliamentary Groups/Associations
Points of interest to CSE
- Public Safety Committee, Cyber Centre’s Report on National Cyber Threat Assessment 2020, December 2020: Showed concern about the need to educate Canadians more urgently on cyber security practices due to “Russian companies” taking advantage of information being provided on the Internet.
- Public Safety Committee, briefing on cyber security, September 2018: Concerned about election interference and the spreading of misinformation. Asked Scott Jones “How are you dealing with that when it’s coming from another country, or even internally?”
- During SECU’s study of C-59: asked about the development of 5G networks and Five Eye partner’s actions on Huawei.
Other interests
- Law enforcement, racial equality, women, mental health, re-education/training
Dane Lloyd, CPC (Sturgeon River – Parkland, AB)
Election to the House of Commons
- First elected in 2017
Professional background
- Degree in History and Political Science from Trinity Western University
- Worked as a Parliamentary advisor to St. Albert-Edmonton MP Michael Cooper, the Hon. Ed Fast who served as the Minister of International Trade, and the Hon. Jason Kenney.
- Holds a commission as an infantry officer in the Canadian Armed Forces Reserves
Committee membership
- Member of the Standing Committee on Public Safety and National Security (2021-)
- Member of the Standing Committee on Natural Resources (2021)
- Member of the Standing Committee on Government Operations and Estimates (2020-)
- Former Member of the Standing Committee on Veterans Affairs (2020)
- Former Member of the Standing Committee on Industry, Science and Technology (2018-2019)
Political and parliamentary roles
- Shadow Minister for Emergency Preparedness (2021-)
- Shadow Cabinet Minister for Rural Economic Development (2021)
- Shadow Minister for Digital Government (2020-21)
- Member of the Canada-China Legislative Association, Member of the Canada-Europe Parliamentary Association, Member of the Canada-Israel Interparliamentary Group, Member of the Canada-Italy Interparliamentary Group, Member of the Canada-Japan Interparliamentary Group, Member of the Canada-United States Interparliamentary Group and Member of the Canada-United Kingdom Interparliamentary Association (2020)
Points of interest to CSE
- During a House Debate on the Digital Charter Implementation Act, November 24, 2020: Lloyd spoke on Canada entering the digital age and the need for clarity and concrete action to protect Canadians’ privacy, specifically pertaining to Bill C-11, An Act to Implement a Digital Charter for Government.
- Government Operations Committee, Main Estimates, On November 25, 2020: Lloyd spoke on artificial intelligence and quantum computing and the risk of it being used to break all encryptions on any encrypted software for both Canadians private data or government data.
Other interests
- Veterans affairs, energy sector, services to rural communities, small and medium sized businesses
Alistair Macgregor, NDP (Cowichen-Malahat-Langford, BC)
Election to the House of Commons
- First elected 2015
Professional background
- University of Victoria, BA in History and Political Science
- Master’s in professional communication at Royal Roads University
- Worked in contracting, specifically tree planting for Crew Boss in BC (1999-2006)
- Constituency Assistant for Parliament of Canada (2007-2015)
Committee membership
- Member of the Standing Committee on Public Safety and National Security (2021-)
- Member of the Standing Committee on Agriculture and Agri-Food (2021-)
- Member of the Special Joint Committee on Medical Assistance in Dying (2021)
- Member of the Standing Committee for the Scrutiny of Regulations (2021)
- Member of the Special Committee on the COVID-19 Pandemic, and others
Political and parliamentary roles
- NDP Critic for Public Safety, and Agriculture and Food (2021-)
- NDP Deputy Critic for Justice (2021-)
- NDP Critic for Agriculture, Rural Economic Development, Deputy Critic for Justice (2019-2021)
- NDP Critic for Agriculture and Agri-Food (2018-2019), and others
Points of interest to CSE
- During a House Debate on the National Security and Intelligence Committee of Parliamentarians Act, March, 2017: Spoke on the importance of government accountability and oversight specifically for CSIS, CSE and RCMP.
- Public Safety Committee, Bill C-22, November 2016: Macgregor said “the CSE commissioner currently has an obligation to inform the relevant minister and the Attorney General of Canada of any activity that he or she suspects not to be in compliance with the law”. He then inquired about expanding this “whistle blowing” duty to other departments/agencies.
Other interests
- Medical assistance in dying, agriculture, healthcare, food insecurity and climate change
Tony Van Bynen, LPC (New Market-Aurora, ON)
Election to the House of Commons
- Elected in 2019
Professional background
- Mayor of Newmarket for 12 years
- Ran for municipal office as a councillor in the year 2000 and was elected as a regional councillor in 2003.
- Former President of the Chamber of Commerce
- 30-year career in banking as a branch manager
Committee membership
- Member of the Standing Committee on Human Resources, Skills and Social Development and the Status of Persons with Disabilities, 2021
- Former member of the House Standing Committee on Health, 2020-2021
Political and parliamentary roles
- Member of the Canada-China Legislative Association, Canada-Europe Parliamentary Association, Canada-Israel Interparliamentary Group, Canadian Branch of the Commonwealth Parliamentary Association since 2020, Canada-United Kingdom Inter-Parliamentary Association, and the Canadian Delegation to the Organization for Security and Co-operation in Europe Parliamentary Assembly (2020)
Points of interest to CSE
- NIL
Other interests
- Mental health, persons with disabilities, Indigenous Peoples, COVID-19
Taleeb Noormohamed, LPC (Vancouver - Granville, BC)
Election to the House of Commons
- Elected in 2021
Professional background
- Bachelor’s degree from Princeton University
- Master’s degree in International Education Policy from Harvard University
- Attended Oxford University for his doctoral studies
- Served as a senior official in the federal government from 2002-2007
- Director of the Air India Review Secretariat and Special Advisor to the Hon. Bob Rae
- Member of the Board of Directors for the Canadian Air Transport Security Authority (CATSA)
- Vice President of Strategy and Partnerships for the Vancouver 2010 Olympic and Paralympic Winter Games
- Vice President of HomeAway (now Expedia), and other exec roles in the tech sector
- Currently Chief Executive Officer at an online marketplace for apparel and home goods
Committee membership
- Member of the Standing Committee on Public Safety and National Security (2021-)
- Member of the Standing Joint Committee for the Scrutiny of Regulations (2021-)
Political and parliamentary roles
- NIL
Points of interest to CSE
- NIL
Other interests
- Diversity and inclusion, youth, health
Doug Shipley, CPC (Barrie – Springwater – Oro-Medonte, ON)
Election to the House of Commons
- First elected in 2019
Professional background
- City of Barrie Council for three consecutive terms
- For Councillor of Ward 3, he served as Chair of Finance and Corporate Services, Chair of Infrastructure, Investment and Development Services Committee, and Deputy Chair of the Barrie Police Services Board
- Owns and operates a small business for over 20 years
Committee membership
- Member of the Standing Committee on Public Safety and National Security (2020-)
- Member of the Standing Committee on Transport, Infrastructure and Communities (2020-2021)
- Member of the Special Committee on the COVID-19 Pandemic (2020)
Political and parliamentary roles
- Deputy Shadow Minister for Housing and Diversity and Inclusion (2021-)
- Shadow Cabinet Minister for Infrastructure and Communities (2020)
Points of interest to CSE
- NIL
Other interests
- Law enforcement, infrastructure, small businesses
Tako Van Popta, CPC (Langley-Aldergrove, BC)
Election to the House of Commons
- First elected in 2019
Professional background
- Undergraduate degree from Trinity Western University
- Obtained a law degree from the University of British Columbia
- Managing Partner of the McQuarrie Hunter LLP
- Held the position of Director at the Surrey Board of Trade and the Downtown Surrey Business Improvement Association
Committee membership
- Member of the Standing Committee on Public Safety and National Security (2020-)
- Member of the Special Committee on the COVID-19 Pandemic (2020)
Political and parliamentary roles
- Member of the Canada-Europe Parliamentary Association, Member of the Canada-Ireland Parliamentary Group, Member of the Canada-United States Interparliamentary Group, Member of the Canada-United Kingdom Interparliamentary Associations (2020-)
Points of interest to CSE
- National Security and Intelligence Committee of Parliamentarians, May 2021: Interest in malicious cyber activities and the theft of intellectual property by foreign entities
- Oral Questions, June 2020: Interest in Canadians’ privacy in the digital economy
- INDU, May 2020: Increased identify theft and phishing (e-security)
- INDU, June 2020: Concern of intellectual property leaks
Other interests
- Intellectual property, consumer protection, crime prevention, support to SMEs
Peter Schiefke, LPC (Vaudreuil – Soulanges, QC)
Election to the House of Commons
- Elected in 2015
Professional background
- Bachelor’s in Political Science, Concordia University
- Master of Science in Renewable Resource Sciences, McGill University
- Former National Director of Climate Reality Canada
Committee membership
- Member of the Standing Committee on Public Safety and National Security, 2022
- Chair of the Standing Committee on Transport, Infrastructure and Communities, 2021
- Chair of the Subcommittee on Agenda and Procedure of the Standing Committee on Transport, Infrastructure, and Communities, 2021
- Former member of the Liaison Committee and the Standing Committee on Citizenship and Immigration, 2021
- Former member of the Subcommittee on Agenda and Procedure of the Standing Committee on Citizenship and Immigration, 2021
- Former member of the Standing Committee on Environment and Sustainable Development, 2020-2021
Political and parliamentary roles
- Former Parliamentary Secretary to the Minister of Immigration, Refugees and Citizenship, 2021
- Former Parliamentary Secretary to the Minister of Environment and Climate Change, 2019-2021
- Former Parliamentary Secretary to the Prime Minister (Youth), to the Minister of Border Security and Organized Crime Reduction and to the Standing Committee on Public Safety and National Security, 2018-2019
- Former member of the Canadian NATO Parliamentary Association (2018-2019), Canada-United States Inter-Parliamentary Group and Canada-Africa Parliamentary Association (2020-2021)
Points of interest to CSE
- NIL
Other interests
- Youth, climate change
Committee backgrounder
44th Parliament, 1st Session
Mandate
SECU reviews legislation, policies, programs, and expenditures of government departments and agencies responsible for public safety and national security, law enforcement, corrections and conditional release of federal offenders, emergency management, crime prevention, and the protection of Canada’s borders.
Appearances
- May 2021: CSE appeared to discuss Ideologically Motivated Violence Extremism in Canada (Artur Wilczynski appeared)
- December 2020: Briefing on the Canadian Centre for Cyber Security Report (Scott Jones appeared)
- July 2019: CSE appeared to discuss the Desjardins data breach (André Boucher appeared)
- January 2019: CSE appeared to speak on cyber security in the financial sector (Scott Jones and Eric Belzile appeared)
- From November 2017 to April 2018: CSE appeared on seven occasions for the study and clause-by-clause review of Bill C-59, National Security Act, 2017 (Chief and DCPC appeared)
- September 2018: CSE appeared for a cyber security briefing (Scott Jones and Rajiv Gupta appeared)
- November 2016: CSE appeared to speak on the National Security Framework and Bill C-22 (National Security and Intelligence Committee of Parliamentarians (NSICOP) (Dominic Rochon appeared)
Key studies
44th Parliamentary Session:
- Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
- Assessment of Canada’s Security Posture in Relation to Russia
- Rise of Ideologically Motivated Violent Extremism in Canada
- Occupation of Ottawa and the Federal Government’s Response to Convoy Blockades
- Crowdfunding Platforms and Extremism Financing
- Systemic Racism in Policing in Canada
- Allegations of Political Interference in the 2020 Nova Scotia Mass Murder Investigation
Previous meetings (current session)
Thursday, September 29, 2022: Election of Chair. Ron McKinnon (LPC) was elected Chair.
Thursday, September 22, 2022: Assessment of Canada’s Security Posture in Relation to Russia (Drafting Report, In Camera)
Tuesday, September 20, 2022: Committee Business (In Camera)
Tuesday, August 16, 2022: Allegations of Political Interference in the 2020 Nova Scotia Mass Murder Investigation. Witnesses included:
- François Daigle, Deputy Minister of Justice and Deputy Attorney General of Canada, Department of Justice
- Owen Rees, Acting Assistant Deputy Attorney General, Department of Justice
- Jolene Bradley, Director General, National Communications Services, Royal Canadian Mounted Police
- Darren Campbell, Chief Superintendent, Criminal Operations Officer, 'J' Division, Royal Canadian Mounted Police, New Brunswick
- Lia Scanlan, Director Strategic Communications Unit, Royal Canadian Mounted Police
- Alison Whelan, Chief, Strategic Policy and External Relations Officer, Royal Canadian Mounted Police
Monday, July 25, 2022: Allegations of Political Interference in the 2020 Nova Scotia Mass Murder Investigation. Witnesses included:
- Lee Bergerman, Former Assistant Commissioner and Commanding Officer, RCMP, Nova Scotia
- Sharon Tessier, Former Director General, National Communication Services, RCMP
- Rob Stewart, Deputy Minister, Department of Public Safety and Emergency Preparedness
- Commr Brenda Lucki, Royal Canadian Mounted Police
- D/Commr Brian Brennan, Contract and Indigenous Policing, Royal Canadian Mounted Police
- C/Supt Chris Leather, Criminal Operations Officer, Nova Scotia, Royal Canadian Mounted Police
Thursday, June 16, 2022: Rise of Ideologically Motivated Violent Extremism in Canada.
Thursday, June 9, 2022: Assessment of Canada’s Security Posture in Relation to Russia and Rise of Ideologically Motivated Violent Extremism in Canada. Witnesses included:
- John Ossowski, President, Canada Border Services Agency
- Scott Harris, Vice-President, Intelligence and Enforcement Branch, Canada Border Services Agency
- Michelle Tessier, Deputy Director, Operations, Canadian Security Intelligence Service
- Rob Stewart, Deputy Minister, Department of Public Safety and Emergency Preparedness
- D/Commr Michael Duheme, Royal Canadian Mounted Police
- Supt Denis Beaudoin, Financial Crime, Royal Canadian Mounted Police
Tuesday, June 7, 2022: Rise of Ideologically Motivated Violent Extremism in Canada and Assessment of Canada’s Security Posture in Relation to Russia. Witnesses included:
- Dr. Ken Barker, Professor, Institute for Security, Privacy, and Information Assurance, University of Calgary
- Juliette Kayyem, Belfer Senior Lecturer in International Security, Harvard Kennedy School of Government
- David Shipley, Chief Executive Officer, Beauceron Security
Thursday,June 2, 2022: Assessment of Canada’s Security Posture in Relation to Russia. Witnesses included:
- Rob Stewart, Deputy Minister, Department of Public Safety and Emergency Preparedness
Thursday, May 19, 2022: Subject Matter of Supplementary Estimates (C), 2021-22 and Main Estimates 2022-23. Witnesses included:
- Hon. Marco Mendicino, Minister of Public Safety
- Anne Kelly, Commissioner, Correctional Service of Canada
- Tony Matson, Assistant Commissioner and Chief Financial Officer, Corporate Services, Correctional Service of Canada
- Jennifer Oasdes, Chairperson, Parole Board of Canada
- Brian Brennan, Deputy Commissioner, Contract and Indigenous Policing, Royal Canadian Mounted Police
- Michelle Tessier, Deputy Director, Operations, Canadian Security Intelligence Service
- John Ossowski, President, Canada Border Services Agency
- Patrick Amyot, Assistant Deputy Minister and Chief Financial Officer, Corporate Management Branch, Department of Public Safety and Emergency Preparedness
- Rob Stewart, Deputy Minister, Department of Public Safety and Emergency Preparedness
Tuesday, May 17, 2022: Assessment of Canada’s Security Posture in Relation to Russia. Witnesses included:
- Christian Leuprecht, Professor, Royal Military College of Canada, Queen’s University
- Errol Mendes, Professor, Constitutional and International Law, University of Ottawa
- Dr. Jeffrey Mankoff, Distinguished Research Fellow, National Defense University
- William Browder, Chief Executive Officer, Hermitage Capital Management Ltd
- Aaron Shull, Managing Director, Centre for International Governance Innovation
- Dr. Wesley Wark, Senior Fellow, Centre for International Governance Innovation
Thursday, May 12, 2022: Rise of Ideologically Motivated Violent Extremism in Canada and Committee Business. Witnesses included:
- Richard Fadden, Previous Deputy Minister of National Defence (2013-2015), and previous National Security Advisor to the Prime Minister (2015-2016)
- Vivek Krishnamurthy, Samuelson-Glushko Professor of Law, University of Ottawa
- D/Commr Michael Duheme, Deputy Commissioner, Royal Canadian Mounted Policy
- Cherie Henderson, Assistant Director, Requirements, Canadian Security Intelligence Service
- Marie-Hélène Chayer, Executive Director, Integrated Terrorism Assessment Centre
- Lesley Soper, Director General, National Security Policy
- Robert Burler, Senior Director, Canada Centre for Community Engagement and Prevention of Violence
Tuesday, May 10, 2022: Rise of Ideologically Motivated Violent Extremism in Canada. Witnesses included:
- Navaid Aziz, Imam
- Mohammed Hashim, Executive Director, Canadian Race Relations Foundation
- Dr. Kara Brisson-Boivin, Director of Research, MediaSmarts
- Vidhya Ramalingam, Co-Founder, Moonshot
- Adam Hadley, Executive Director, Tech Against Terrorism
Thursday, May 5, 2022: Rise of Ideologically Motivated Violent Extremism in Canada. Witnesses included:
- Dr. Garth Davies, Associate Director, Institute on Violence, Terrorism, and Security, Simon Fraser University
- Jane Bailey, Full Professor, Faculty of Law, University of Ottawa
- Samuel Tanner, Full Professor, School of Criminology, Université de Montréal
- Tony McAleer, Author and Co-founder, Life After Hate
- Marvin Rotrand, National Director, League for Human Rights, B’nai Brith Canada
- Michael Mostyn, Chief Executive Officer, National Office, B’nai Brith Canada
- Imran Ahmed, Chief Executive, Center for Countering Digital Hate
Tuesday, May 3, 2022: Assessment of Canada’s Security Posture in Relation to Russia. Witnesses included:
- Dr. Charles Burton, Senior Fellow, Centre for Advancing Canada’s Interests Abroad, Macdonald-Laurier Institute
- Dr. Frédéric Cuppens, Professor, Polytechnique Montréal
- Dr. Jonathan Paquin, Full Professor, Department of Political Science, Université Laval
- Dr. Nora Cuppens, Professor, Polytechnique Montréal
- Jennifer Quaid, Executive Director, Canadian Cyber Threat Exchange
- Michael Doucet, Executive Director, Office of the Chief Information Security Officer, Optiv Canada Federal
Thursday, April 28, 2022: Rise of Ideologically Motivated Violent Extremism in Canada. Witnesses included:
- Brandon Rigato, Lead Research Assistant on Hate and Extremism in Canada, Carleton University
- Dr. Carmen Celestini, Post Doctoral Fellow, The Disinformation Project, School of Communication, Simon Fraser University
- Dr. Christian Leuprecht, Professor, Royal Military College of Canada, Queen’s University
- Dr. Diana Inkpen, Professor, School of Electrical Engineering and Computer Science, University of Ottawa
- Dr. Stephanie Carvin, Associate Professor, Norman Paterson School of International Affairs, Carleton University
- Dr. David Morin, Co-Chair, Université de Sherbrooke, UNESCO Chair in Prevention of Radicalisation and Violent Extremism
Tuesday, April 26, 2022: Rise of Ideologically Motivated Violent Extremism in Canada. Witnesses included:
- Ilan Kogan, Data Scientist, Klackle
- Michele Austin, Director, Public Policy (US and Canada), Twitter Inc.
- Evan Balgord, Executive Director, Canadian Anti-Hate Network
- Heidi Beirich, Co-Founder, Global Project Against Hate and Extremism
- Wendy Via, Co-Founder, Global Project Against Hate and Extremism
- David Tessler, Public Policy Manager, Meta Platforms
- Rachel Curran, Public Policy Manager, Meta Canada, Meta Platforms
- Barbara Perry, Director, Ontario Tech University, Centre on Hate, Bias and Extremism
Thursday, April 7, 2022: Assessment of Canada’s Security Posture in Relation to Russia, and Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes. Witnesses included:
- David A Etkin, Professor, Disaster and Emergency Management, York University
- Dr. Paul Goode, McMillan Chair of Russian Studies, Carleton University
- Dr. Adam Lajeunesse, Irving Shipbuilding Chair on Canadian Arctic Marine Security, Brian Mulroney Institute of Government, St. Francis Xavier University
- Dr. Andrea Charron, Director and Associate Professor, Centre for Defence and Security Studies, University of Manitoba
- Marcus Kolga, Senior Fellow, Macdonald-Laurier Institute
Tuesday, April 5, 2022: Assessment of Canada’s Security Posture in Relation to Russia. Witnesses included:
- Dr. James Fergusson, Deputy Director, Centre for Defence and Security Studies, University of Manitoba
- Dr. Robert Huebert, Associate Professor, Department of Political Science, University of Calgary
- Dr. Veronica Kitchen, Associate Professor, Department of Political Science, University of Waterloo
- Dr. Ahmed Al-Rawi, Assistant Professor, Simon Fraser University
- Dr. Alexander Cooley, Claire Tow Professor of Political Science, Barnard College, Academy Adjunct Faculty, Chatham House
- Dr. David Perry, President, Canadian Global Affairs Institute
Thursday, March 31, 2022: Rise of Ideologically Motivated Violent Extremism in Canada, and Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Tuesday, March 29, 2022: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Thursday, March 24, 2022: Occupation of Ottawa and the Federal Government’s Response to Convoy Blockades, and Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Tuesday, March 22, 2022: Committee Business, and Gun Control, Illegal Firearms Trafficking and the Increase in Gun Crimes
Thursday, March 3, 2022: Crowdfunding Platforms and Extremism Financing, and Rise of Ideologically Motivated Violent Extremism in Canada
Tuesday, March 1, 2022: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Friday, February 25, 2022: Occupation of Ottawa and the Federal Government’s Response to Convoy Blockades
Thursday, February 17, 2022: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes, and Committee Business
Tuesday, February 15, 2022: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Thursday, February 10, 2022: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes, and Crowdfunding Platforms and Extremism Financing
Tuesday, February 8, 2022: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Thursday, February 3, 2022: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Tuesday, February 1, 2022: Committee Business, and Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes
Thursday, December 16, 2021: Gun Control, Illegal Arms Trafficking and the Increase in Gun Crimes, and Proposed Regulations Amending Certain Regulations Made Under the Firearms Act
Tuesday, December 14, 2021: Systemic Racism in Policing in Canada, and Committee Business
Wednesday, December 8, 2021: Election of Chair and Vice-Chairs, and Committee Business
- The Honourable Jim Carr was elected as Chair
- Raquel Dancho (CPC) and Kristina Michaud (BQ) were elected as Vice-Chairs
Potential questions and answers
Russian invasion of Ukraine and cyber threats
1. Has CSE seen an increase in malicious cyber activity/cyber incidents since the Russian invasion of Ukraine?
- There have been high volumes of cyber activity in the lead up to and during the Russian war.
- Cyber threats are constant and ever-present in Canada.
- Canada is one of the most targeted countries in the world and Canadian organizations remain attractive targets for cybercriminals and state-sponsored cyber threat actors.
- We continue to see a wide variety of cyber threats facing the Government of Canada and Canadian organizations.
- The Cyber Centre continues to regularly observe high-impact ransomware campaigns that can negatively impact businesses and critical infrastructure providers.
2. How many cyber incident reports has the Cyber Centre received since the Russian invasion of Ukraine?
- We don’t comment on specific cyber incidents, but what I can tell the committee is we release threat bulletins and cyber alerts because we are seeing threat activity in Canada, or we have received incident reporting from Canadian entities that warrant issuing an advisory.
- It is incredibly difficult to attribute malicious cyber activity to a specific actor, or state-sponsored actor, and say if it’s related to an international crisis or is cybercrime (unless a ransom is demanded.
- We’re more concerned about protecting Canadians regardless of where the threat comes.
3. The invasion of Ukraine by Russia and the destabilizing Russian presence in cyberspace have highlighted the need to reinforce our cyber defence. Could you tell us a bit more about the work that the Communications Security Establishment has undertaken to protect Canadian cyber space and our national interest?
- CSE and the Cyber Centre have issued cyber threat bulletins, alerts, and advisories to Canadians and Canadian organizations warning of an increased risk of cyber threat activity due to the Russian invasion of Ukraine.
- In these advisories, we have outlined how there is an increased risk to critical infrastructure organizations globally from Russian state-sponsored advanced persistent threat (APT) actors, their proxies, and independent cybercriminal groups.
- As Canada’s national cyber security and foreign intelligence agency, CSE has unique technical and operational capabilities. The CSE Act includes authorities that allow us to provide technical and operational assistance to the Department of National Defence and the Canadian Armed Forces (CAF).
- CSE is authorized to assist the CAF in support of government-authorized military missions, such as Operation UNIFIER. This support includes intelligence sharing and cyber security.
- While, we can’t speak about specific operations, CSE can be counted to deliver on its mission working with Canada’s military in support of Ukraine.
4. Can CSE’s cyber operations disrupt Russian military activities in the Ukraine?
- While we can’t speak about specific operations, we can confirm that CSE has been tracking cyber threat activity associated with the current crisis.
- The CSE Act includes authorities that allow us to provide technical and operational assistance to the Department of National Defence and the Canadian Armed Forces (CAF).
- CSE is authorized to assist the CAF in support of government-authorized military missions, such as Operation UNIFIER. This support includes intelligence sharing and cyber security.
- CSE has been sharing valuable cyber threat intelligence with key partners in Ukraine. We also continue to work with the Canadian Armed Forces (CAF) in support of Ukraine, including intelligence sharing and cyber security.
5. To your knowledge, where do most of the cyber attacks or attempted attacks against Canada, originate from?
- Cyber attacks can originate from anywhere in the world and wherever they’re originated from doesn’t necessarily represent where they are coming from.
- In our National Cyber Threat Assessment we identified that the State-sponsored programs of China, Russia, North Korea and Iran pose a strategic threat to Canada.
6. Is it true that Russia often deals with non-State actors such as organized crime networks to guide their attacks so they can more easily deny them?
- In our ransomware threat assessment, we did highlight the links between Russia and some criminal organizations in saying that they were able to operate with relative impunity in the countries in which they operate in.
7. Do we have our own offensive capabilities we can use against Russia as retaliation if they try attacking our critical infrastructure?
- From a CSE perspective, we have active and defensive cyber operations that we have both legislation and capability to perform.
8. How ready is the Canadian Armed Forces, DND, and the Canadian government to deal threats from Russia?
- The Government of Canada’s cyber defence team, including CSE, is constantly reviewing measures to ensure our systems and information networks remain secure. We have tools in place to monitor, detect, and investigate potential threats, and to take active measures to address them.
- We are well-positioned to anticipate emerging cyber threats and challenges to Canada and Canadian interests. DND and the Canadian Armed Forces are part of the cyber defence team, and can speak to their military and operational readiness to counter any threats in the cyber domain.
9. What lessons have been learned about Russian cyber tactics and how to counter them?
- Russia has sophisticated cyber capabilities and has demonstrated a willingness to use them.
- Since mid-January, we have been providing information about Russian threats and the vulnerabilities they typically exploit, along with advice and guidance on how to mitigate against them.
- As new insights are gained about emerging Russian cyber threat activity, more alerts and advisories are issued. These are often promulgated via our social media accounts or through direct channels to network defenders and operators.
- When appropriate, the Government will also address specific activities. For example, as outlined in the attribution statement issued on May 10, 2022, Russian actors are responsible for various destructive cyber activities. We also joined our Five Eyes allies in releasing an advisory on Russian state-sponsored and criminal cyber threats to criminal infrastructure. In this advisory, we provided technical details on specific actors and mitigations.
- We continue to monitor these activities and we share threat reporting with our partners, allies, and Canadian stakeholders to ensure Russian tactics, techniques, and procedures (TTPs) are well-known.
Cyber rankings
10. The National Index on Cyber Security is 66/100 which puts it in 34th place in the world in terms of cyber security… What do we have to work on to improve that rating and why is our rating so low in comparison to other countries?
- I can’t speak to a third-party report and what their methodology is. There are lots of reports produced domestically, and globally that differ on rankings.
- What I can tell you is that my job is to make Canadians and Canadian organizations aware of the threats, and provide the best advice and guidance on how they can better defend themselves.
- That starts with being aware of evolving cyber threats, and using best cyber security practices to defend yourself.
Foreign interference
11. Are Chinese or Russian state-sponsored actors attempting to disrupt Canadian critical infrastructure?
- CSE has assessed that state-sponsored programs of China, Russia, Iran and North Korea all pose threats to Canada.
- CSE has also assessed that it’s very likely that state-sponsored actors are attempting to develop capabilities that could disrupt critical infrastructure, such as the supply of electricity.
- These actors may also continue to target our critical infrastructure to collect information, position for future activity or attempt to intimidate Canadians.
- But CSE assesses it is unlikely that actors will use cyber activities to disrupt or harm critical infrastructure outside conflict scenarios.
- Adopting cybersecurity best practices goes a long way to offsetting risks of exploitation by any cyber threat actor.
12. Has there been any observable change of cyber intrusions or attempts of intrusions due to the COVID-19 pandemic from foreign state-sponsored actors?
- CSE continues to advise the government on cyber threats and incidents.
- The bulk of malicious threat activity that CSE has observed during the COVID-19 pandemic continues to be criminal in nature, and CSE is working with the appropriate partners to address such activity. For example, CSE has issued alerts and cyber security advice about COVID-related phishing campaigns.
- Adopting cybersecurity best practices goes a long way to offsetting risks of exploitation by any cyber threat actor
13. Has there been an increase in commercial espionage against Canadian organizations from state-sponsored actors?
- State-sponsored actors will certainly continue to conduct espionage against Canadian businesses, academic or governments to steal intellectual property or proprietary information.
- State-sponsored cyber threat actors will continue to target intellectual property related to combatting COVID-19 in order to support their own domestic health responses or to profit from its illegal reproduction by their own firms.
- Adopting cybersecurity best practices goes a long way to offsetting risks of exploitation by any cyber threat actor.
Cyber security
14. What support has CSE provided in response to recent cyberattacks?
- The Communications Security Establishment (CSE) continues to monitor the cyber threat environment, including cyber threat activity directed at critical infrastructure networks.
- CSE’s Cyber Centre has alerted Canadian critical infrastructure operators to be aware of the risks, and has provided them with expert advice to mitigate against cyber threat activity.
- There are systems and tools in place to monitor, detect, and investigate potential threats, and to take active measures to address and neutralize them when they occur.
- If Canadian companies have been impacted by cyber threats, they are urged to contact CSE’s Cyber Centre.
- As this investigation is ongoing, I cannot comment further on the incident.
HUAWEI and 5G
15. Why did it take Canada so long to make a decision on Huawei?
- The Government of Canada takes the security of the Canada’s telecommunications system very seriously and will continue to promote secure and resilient Canadian networks.
- My priority is making sure Canada’s telecommunications networks are protected in this next generation of online interconnectivity.
- That is why CSE is working with partners both domestically and internationally to find ways to increase the security of the telecommunication networks that Canada relies on.
16. Does CSE have any concerns about the social media app Tik Tok or WeChat?
- CSE's Cyber Centre is not a regulatory agency and as such does not endorse or ban social media applications.
- It is important for Canadians to adopt good cyber security practices – which CSE shares on the cyber.gc.ca website.
Misinformation/Research organizations
17. What has the Government done to counter misinformation surrounding the COVID-19 pandemic?
- Cyber threat actors are using fake websites, imitating health agencies or government departments, to spread disinformation or to defraud Canadians.
- In response, CSE is helping to identify and take down these kinds of malicious websites.
- In coordinately with industry partners, CSE has contributed to the removal of more than 10,000 fraudulent sites or email addresses, including those pretending to be the Public Health Agency and the Canada Revenue Agency.
- CSE also continues to provide critical foreign intelligence to inform decisions on Canada’s approach to COVID-19.
18. Has CSE dealt with any compromises of our own research organizations?
- CSE is aware of incidents of malicious threat activities directed at Canadian health research organizations and continues to offer cyber security support and sharing of threat related information to limit any potential impacts to targeted organizations.
- CSE recommends that all Canadian health and research organizations remain vigilant and apply best practices in cyber security. Such practices include monitoring network logs, remaining alert to suspicious emails and calls, and keeping servers and critical systems patched for all known security vulnerabilities.
- While CSE cannot speak on any specific incidents, CSE is working with Canadian health care and research sectors, and other partners and industries, as appropriate.
19. What has CSE done specifically to reduce the risks that Canadian research and development efforts could be compromised, specific points about what we are doing with Canadian universities, GC science departments, and the private sector?
- CSE, in collaboration with CSIS, continues to engage with all of these entities to provide threat briefings. CSE, through the Cyber Centre, has published practical steps organizations can proactively take to protect themselves. These are all available online. This is in addition to alerts and advisories published regularly to draw attention to security vulnerabilities or issues.
- Further, when CSE sees malign foreign cyber activities it have both alerted the victims and assisted with recovery but also, with its colleagues around government and its allies, publicly attributed this activity as seen this past year.
- More recently we have been working with ISED to assess the cyber security posture for recipients of strategic innovation funds but it is important to note that all of the advice and guidance is publicly available for all Canadian organizations.
The National Cyber Threat Assessment report
20. What is the National Cyber Threat Assessment report? What information does it include?
- The Cyber Centre produces a report every two years outlining the greatest threats Canada faces.
- The key judgements in this report are based on reporting from multiple sources, including classified and unclassified information. The judgements are based on the Cyber Centre’s knowledge and expertise in cyber security and informed by CSE’s foreign intelligence mandate, which provides us with valuable insights on cyber threat activity around the world.
21. What are the primary concerns and observations made in the report?
- The National Cyber Threat Assessment highlights 4 key observations:
- First, cyber-crime is the most likely threat to impact Canadians now and in the years ahead;
- Second, cybercriminals often succeed in their work because they exploit human and social behaviours;
- Third, ransomware directed against Canada will almost certainly continue to target large enterprises and critical infrastructure providers.
- Finally, while cybercrime is the main threat, state-sponsored cyber programs of China, Russia, North Korea and Iran pose a strategic threat to Canada.
Media lines
CSE key messages
- As Canada’s national cyber security and foreign signals intelligence agency, CSE has unique technical and operational capabilities.
- The Communications Security Establishment Act (the CSE Act) sets out five aspects of our mandate: cyber security and information assurance; foreign intelligence; defensive cyber operations; active cyber operations; and technical and operation assistance. We use our technical expertise in all five aspects of our mandate. We do so to keep Canadians safe and secure.
- CSE’s foreign signals intelligence program provides Canada’s senior decision-makers with insights into the activities, motivations, capabilities, and intentions of foreign adversaries, and the international readiness and foreign reactions to a variety of diverse global events.
- CSE’s intelligence reporting also identifies hostile state activities, and the CSE Act authorizes us to assist the Department of National Defence and the Canadian Armed Forces.
- We support Canadian military operations and protect forces deployed abroad through advanced cyber techniques. For example, CSE could protect Canadian forces by disrupting an adversary’s ability to communicate or providing intelligence regarding an imminent threat.
- The CSE Act gives CSE the legal authority to conduct cyber operations to disrupt foreign-based threats to Canada. This includes active cyber operations to degrade, disrupt, respond to, or interfere with the capabilities, intentions or activities of foreign individuals, states, and organizations.
- If there are reasonable grounds to believe that a foreign state or actor constitutes a threat to the security of Canada and/or Canadian military forces, we are prepared to take appropriate action to address the threat.
- We continue to provide the Government of Canada with the most comprehensive information available related to Canada’s intelligence priorities, directly furthering Canadian safety, security, and prosperity.
CSE’s support to the Canadian Armed Forces and Operation UNIFIER
- As Canada’s national cyber security and foreign intelligence agency, CSE has unique technical and operational capabilities. The CSE Act includes authorities that allow us to provide technical and operational assistance to the Department of National Defence and the Canadian Armed Forces (CAF).
- CSE is authorized to assist the CAF in support of government-authorized military missions, such as Operation UNIFIER. This support includes intelligence sharing and cyber security.
- While we can’t speak about specific operations, CSE can be counted to deliver on its mission working with Canada’s military presence in support of Ukraine.
- This increased support will help Ukraine strengthen its security and ability to defend itself against a range of threats.
CSE’s messaging on cyber security in response to Ukraine and geopolitical events
- The Government of Canada’s cyber defence team, including CSE, is constantly reviewing measures to ensure our systems and information networks remain secure. We have tools in place to monitor, detect, and investigate potential threats, and to take active measures to address them.
- Russia has significant cyber capabilities and a demonstrated history of using them irresponsibly, this includes: SolarWinds cyber compromise; COVID-19 vaccine development; Georgia’s democratic process; and NotPetya malware. In light of Russia’s ongoing, unjustified invasion of Ukraine, CSE and its Canadian Centre for Cyber Security (Cyber Centre) strongly encourage all Canadian organizations to take immediate action and bolster their online cyber defenses.
- We can confirm that CSE has been tracking cyber threat activity associated with the current crisis. CSE has been sharing valuable cyber threat intelligence with key partners in Ukraine and continues to work with the Canadian Armed Forces (CAF) in support of Ukraine.
- As the situation has deteriorated, CSE’s Cyber Centre continues to monitor the cyber threat environment in Canada and globally, including cyber threat activity directed at critical infrastructure networks, operational and information technology (OT/IT). We recently issued a new unclassified threat bulletin on cyber threat activity related to the Russian invasion of Ukraine. Most importantly, we assess that the scope and severity of cyber operations related to the Russian invasion of Ukraine has almost certainly been more sophisticated and widespread than has been reported in open sources.
- We remind Canadian critical infrastructure operators and defenders to be aware of the risks and take mitigations against known Russian-backed cyber threat activity. Now is the time to take defensive action and be proactive in network monitoring and applying appropriate mitigations.
- In addition to public advisories, the Cyber Centre continues to share valuable cyber threat information with Canadian critical infrastructure partners via protected channels. This information includes indicators of compromise, threat mitigation advice, and confidential alerts regarding new forms of malware, and other tactics, techniques, and procedures being used to target victims.
- The Cyber Centre is aware of malicious cyber activity by Russian threat actors; however, this activity is primarily related to cybercrime, and it is persistent and ongoing.
- While the Cyber Centre is not currently aware of any notable change in specific threats to Canadian organizations in relation to events in and around Ukraine, there has been an historical pattern of cyber attacks on Ukraine having international consequences, such as the malware known as NotPetya in 2017.
Cyber Incident Involving the National Research Council of Canada:
- CSE and its Canadian Centre for Cyber Security (Cyber Centre) can confirm we worked in coordination with the National Research Council (NRC) and government cyber security partners in response to a cyber incident in March 2022.
- The Government of Canada, like every other government and private sector organization in the world, is subject to ongoing and persistent cyber threats. Cyber threats can result from system or application vulnerabilities, or from deliberate, persistent, and targeted attacks by outside actors to gain access to information. We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage.
- We are unable to comment further on any specific details regarding this incident. We can assure that you we continue to work closely with our cyber defence colleagues at the Treasury Board Secretariat – Office of the Chief Information Officer, and Shared Services Canada to ensure there are systems and tools in place to monitor, detect, and investigate potential threats, and to neutralize threats when they occur.
Cyber Threats to Canadian Critical Infrastructure
- The Government of Canada, through CSE’s Canadian Centre for Cyber Security (Cyber Centre), has been in contact with critical infrastructure operators to ensure they are aware of cyber threats related to geopolitical tensions. CSE continues to monitor Russia-backed cyber actors and share threat-related information with Canadians and Canadian organizations in a timely basis.
- As outlined in the National Cyber Threat Assessment 2020 report, we do not assess that a nation state actor (such as Russia) would intentionally seek to disrupt Canadian critical infrastructure and cause major damage or loss of line in the absence of international hostilities. Our judgement from NCTA 2020 still holds, specifically that “international hostilities” means conflict in which Canada is directly involved as a belligerent or active participant, rather than as a supporter.
- As noted in the July 2022 cyber threat bulletin, our intelligence indicates that Russian cyber threat actors are exploring options for potential cyber operations against Ukraine’s supporters, including Canada. This would include activities like cyberespionage, pre-positioning and potentially disruptive cyber operations against critical infrastructure targets. However, a Russian cyber “attack” against Canada, meaning a destructive cyber operation, still remains very unlikely.
- Notwithstanding current geopolitical events, the Cyber Centre shares valuable cyber threat information with Canada’s critical infrastructure partners via protected channels on a regular basis.
- This information includes indicators of compromise, threat mitigation advice, and confidential alerts regarding new forms of malware, and other tactics, techniques, and procedures being used to target victims.
- Canada has a strong and valuable relationship with its Five Eyes alliance partners, including our intelligence, cyber defence, and law enforcement counterparts in the United States. We regularly share information with our partners that has a significant impact on protecting our respective countries’ safety and security. While we can’t confirm or deny, or offer specific details on the intelligence shared, threat information to help defend against critical infrastructure threats is regularly shared and acted upon as appropriate.
Cyber Incident Involving Global Affairs Canada
- On January 24, 2022, the Treasury Board Secretariat – Office of the Chief Information Officer (TBS-CIO), and Shared Services Canada (SSC), confirmed they were working with Government of Canada partners, including the Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security, in response to a cyber incident involving Global Affairs Canada (GAC).
- The cyber incident was detected on January 19, after which mitigation actions were taken. GAC’s loss of internal services were primarily related to the mitigation actions taken by government cyber security partners.
- Critical services for Canadians through Global Affairs Canada remained functioning. Access to a very limited number of internet-based services remained restricted as part of the mitigation measures.
- There is no indication that any other government departments were impacted by this incident.
- There are systems and tools in place to monitor, detect, and investigate potential threats, and to take active measures to address and neutralize them when they occur.
- We are unable to comment further on any specific details for operational reasons.
- Our cyber defence and incident response teams work 24/7 to identify compromises and alert potential victims within the federal government and Canadian critical infrastructure. In the wake of a cyber incident, the incident response team offers advice and support to contain the threat and mitigate any potential harm.
- We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage. We encourage all government and non-government partners to use cyber security best practices.
Statement - Update on GAC Cyber Incident
The Treasury Board Secretariat – Office of the Chief Information Officer (TBS-CIO), and Shared Services Canada (SSC), can confirm they continue to work with Government of Canada partners, including the Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security, in response to a recent cyber incident involving Global Affairs Canada (GAC).
Critical services for Canadians through Global Affairs Canada remained functional through mitigation efforts, and since our last statement nearly all GAC priority services have been restored. It is important to note that any GAC internet-based services that were impacted during the past week were a result of the mitigation efforts taken to resolve the incident, and were preventative in nature.
Equally important to note, there continues to be no indication that any other government departments have been impacted by this incident.
The Government of Canada deals with ongoing and persistent cyber risks and threats every day.
Cyber threats can result from system or application vulnerabilities, or from deliberate, persistent, targeted attacks by outside actors to gain access to information.
We urge Canadians and Canadian organizations to remain vigilant and to visit Cyber.gc.ca and getcybersafe.gc.ca for tips on how to stay secure online.
CSIS comments that Canada is subject to thousands of cyber attacks every day
- The Government of Canada (GC) faces a variety of sophisticated and unsophisticated cyber threats on a daily basis. Cyber threat actors probe government systems and networks millions of times daily, looking for vulnerabilities, and these activities are becoming more frequent and more sophisticated.
- CSE works every day to defend government systems from these attempts. The hundreds of millions of malicious activities include, for example, reconnaissance scans, direct attempts to install malicious software on government networks, and attempts to access GC databases.
- On any given day, CSE’s defensive systems can block anywhere from 2 to 7 billion events targeting GC networks. These defensive actions are a result of CSE’s existing dynamic cyber defence capabilities which remain ready to defend Government of Canada systems and help protect against future attacks.
- CSE and its Canadian Centre for Cyber Security (Cyber Centre) work diligently with Shared Services Canada and our other partners to ensure Government of Canada networks and infrastructure are well defended against cyber threats.
- Even though we know that Canadian cyber incidents are underreported to law enforcement and the Cyber Centre, we receive approximately 100 reports per month from Canadians and Canadian organizations.
- The Cyber Centre has knowledge of 235 ransomware incidents against Canadian victims from 1 January to 16 November 2021. More than half of these victims were critical infrastructure providers. It is important to note, however, that most ransomware events remain unreported.
CSE issue notes
Top cybersecurity points
- Cyber security is a foundation for Canada’s future, for our digital economic, our personal safety, and national prosperity and competitiveness.
- Every day, the Communications Security Establishment (CSE) uses its sophisticated cyber and technical expertise to help monitor, detect, and investigate threats against Canada’s information systems and networks, and to take active measures to address them.
- Recent geopolitical events have elevated the potential risk of cyber threats, and so, CSE’s Canadian Centre for Cyber Security (the Cyber Centre) has been urging Canadians and Canadian organizations to increase cyber security measures.
- CSE continues to publish advice and guidance to help organizations be less vulnerable and more secure. It works with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
- Cyber security is a whole-of-society concern, and the federal government works together with other jurisdictions, small-and-medium sized organizations, as well as critical infrastructure network defenders to raise Canada’s cyber security bar.
- If Canadian companies have been impacted by cyber threats, they are urged to contact cyber.gc.ca.
Russian invasion of Ukraine and Russian cyber threats to Canada
- In light of Russia’s ongoing, unjustified military actions in Ukraine, the Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security (the Cyber Centre) strongly encourage all Canadian organizations to take immediate action and bolster their online cyber defences.
- President Putin’s recent military mobilization and nuclear threats represent an irresponsible and dangerous escalation in his illegal war.
- While I can’t speak to CSE’s specific operations, I can confirm that it has been tracking cyber threat activity and has the tools in place to monitor, detect, and investigate potential threats, and to take active measures to address them.
- CSE’s Cyber Centre continues to engage directly with Canada’s critical infrastructure operators to ensure they are aware of any evolving threats.
- CSE’s valuable cyber threat intelligence has been shared with key partners in Ukraine. We also continue to work with Canadian Armed Forces (CAF) in support of Operation UNIFIER.
Operation UNIFIER
- On January 26th, 2022, the Government of Canada announced $340 million for immediate support to Ukraine and for the extension and expansion of Operation UNIFIER, Canada’s military training and capacity-building mission in Ukraine.
- As part of this commitment, DND and CAF will work with CSE on measures to support enhanced intelligence cooperation and cyber security.
- This increased support will help Ukraine strengthen its security and ability to defend itself against a range of threats.
Disinformation campaigns
- Based on its intelligence reporting, CSE has observed numerous Russian-backed disinformation campaigns online designed to support their actions.
- CSE observed coordinated efforts by Russia to create and spread disinformation. For example, controlled media outlets were directed to include doctored images of Canadian Forces Members on the front line and false claims about Canadian forces committing war crimes.
- CSE shared this information on social media as part of the Government of Canada’s efforts to help inform Canadians on how to help stop the spread and protect themselves from disinformation.
- CSE continues to provide the Government of Canada with the most comprehensive information available related to Canada’s intelligence priorities, directly furthering Canadian safety, security, and prosperity.
Cyber security and cyber incidents
- Protecting Canada’s cyber security is essential for our security, safety, prosperity and competitiveness.
- That is why the federal government has been working to strengthen our national cyber resilience and helping Canadians adopt cyber security best practices.
- Every day, the Communications Security Establishment (CSE) uses its sophisticated cyber capabilities to identify and defend against threats to Canada’s systems and networks.
- CSE’s Canadian Centre for Cyber Security provides Canadians with expert advice and guidance and leads the Government’s response to cyber incidents.
- Ransomware is the most common cyber threat Canadian’s face, and it is on the rise.
- The Government of Canada is working to reduce the threat of ransomware by targeting and disrupting cybercriminals, coordinating strategies with international allies and by issuing advice, guidance, and services for those affected by ransomware.
- We continue to publish advice and guidance to help organizations be less vulnerable and more secure. We work with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
- Cyber security is a whole-of-society concern and the federal government works together with other jurisdictions, small-and-medium enterprises as well as critical infrastructure owners and operators to raise Canada’s cyber security bar.
Protecting Canada’s telecommunications systems
- The Government of Canada conducted an extensive examination of 5G wireless technology and the various technical, economic, and national security aspects of 5G implementation.
- As a result of this examination, An Act Respecting Cyber Security (ARCS) was introduced in June to further strengthen our telecommunications system and protect our national security.
- This legislation will amend the Telecommunications Act to allow the Government to take action to prohibit the use of equipment or services from low confidence suppliers.
- In addition, the Communications Security Establishment’s (CSE) Security Review Program (SRP), which has a proven track-record of protecting Canada’s 3G/4G/LTE networks, will evolve to consider the security of Canada’s telecommunications system more broadly.
- Together, these efforts are part of a robust strategy to defend the critical digital infrastructure upon which Canadians rely.
Arctic defence and sovereignty
- As climate change rapidly evolves and causes Arctic ice to melt, it will result in emerging geopolitical, economic, and security uncertainties in Canada’s Arctic.
- Driven by climate change, Arctic sea-routes are becoming increasingly accessible to commercial and military vessels, and major sea-routes such as the Northern Sea Route, the Northwest Passage, and the Northeast Passage are increasing in geo-political importance.
- Geo-political competition among global powers is increasing pressure on Canada to continuously assert Canadian and Indigenous Arctic sovereignty.
- Recognizing threats in the region, and as highlighted in the mandate letters issued in the mandate letters issues to both the Minister of Foreign Affairs and the Minister of National Defence, the Arctic is one of Canada’s foremost security priorities, including as it relates to cyber.
- In response, the Government of Canada has announced major investments in and Continental Defence and modernizing NORAD.
- Greater situational awareness and operational effectiveness in cyber space is a critical component to safeguarding and advancing our national and collective interests in the Arctic.
- At present, Canada’s intelligence community, including the Communications Security Establishment (CSE), assists the Government of Canada in managing the increasingly complex Arctic and Northern policy environment by supporting the implementation of Canada’s Arctic and Northern Policy Framework (ANPF).
- The ANFP sets out a common long-term vision to 2030 for the Canadian and circumpolar Arctic, with goals related to health, security, prosperity, resilience, infrastructure, science, the environment, the rules-based international order, and reconciliation between Indigenous and non-Indigenous peoples.
- CSE continues to provide the most comprehensive information available related to Canada’s intelligence priorities, directly furthering Canadian safety, security, and prosperity.
CSE recruitment and retention
- Over the past several years, the Communications Security Establishment (CSE) has experienced continued and sustained growth.
- CSE’s multi-disciplinary recruitment program continues to focus its efforts on attracting talent in a highly competitive technological environment.
- Students remain a significant source of talent and CSE has a robust student co-op program that continues to grow.
- CSE’s important mission is all about protecting Canada’s security, economy, and our communities. The crucial cybersecurity work done at CSE is done nowhere else in Canada, and in only a few places across the world.
- CSE has been recognized as a Top Employer in 2020, 2021, and 2022, as well as one of Canada’s Top Employers for Youth for the past six years in a row.
Equity, diversity and inclusion (EDI)
- CSE is modernizing its multi-disciplinary recruitment program to attract Canada’s top talent in a highly competitive technological environment.
- CSE values a diverse and inclusive workforce, which improves and strengthens an operational mission. By incorporating diverse world views, experiences and perspectives, new insights are brought to existing problems.
- Working with equity-deserving groups both inside and outside of CSE on the promotion of equity, diversity and inclusion will enable us to evolve our processes, operations and policies in a manner that serves all Canadians effectively.
Review and oversight of CSE’s activities
- Bill C-59 enhanced the review and oversight of the Communications Security Establishment (CSE), as well as the broader security and intelligence community.
- CSE is subject to review by two independent external review bodies with a national security and intelligence mandate:
- the National Security and Intelligence Review Agency (NSIRA)
- the National Security and Intelligence Committee of Parliamentarians (NSICOP)
- CSE values independent, external review of our activities, and we remain committed to a positive and ongoing dialogue with NSIRA and other review bodies.
- To support their reviews, CSE provides both NSICOP and NSIRA with extensive access to information, documents, records, and subject matter experts.
- The Intelligence Commissioner (IC) provides oversight by approving authorizations for certain CSE activities.
Foreign interference and cyber threats to democratic process
- The Government of Canada takes seriously its responsibility to protect Canadians from foreign interference, regardless of the source.
- In the lead up to and during the 2021 Federal Election, the Communications Security Establishment (CSE), the Canadian Security Intelligence Service (CSIS), Global Affairs Canada (GAC), and the Royal Canadian Mounted Police (RCMP) worked together closely as part of the Security and Intelligence Threats to Elections Task Force (SITE).
- CSE’s Cyber Centre also worked with Elections Canada to help secure election systems and infrastructure.
- Our security and intelligence agencies coordinated integrated government efforts by raising awareness, monitoring, and reporting on threats, and providing advice to protect our democracy.
- SITE Task Force partners will continue to work within their respective mandates to detect and counter possible foreign threats to Canada and its democratic institutions.
- While Canada’s democratic institutions and processes are strong and resilient, CSE will continue to actively work to ensure their continued protection.
Privacy and spyware technology
- As Canada’s national cyber security and foreign intelligence agency, the Communications Security Establishment (CSE) has unique technical and operational capabilities.
- CSE uses these capabilities to acquire intelligence on foreign targets outside of Canada in accordance with the Government of Canada’s intelligence priorities.
- Under the CSE Act, CSE is prohibited from targeting Canadians or anyone in Canada as part of its intelligence activities.
- The CSE Act enables CSE to provide technical and operational assistance to federal law enforcement, security, and defence partners including the Canadian Armed Forces (CAF), the Royal Canadian Mounted Police (RCMP), and the Canadian Security Intelligence Service (CSIS).
- When CSE assists another federal agency, CSE acts under the legal authority of the requesting agency.
- These activities are subject to CSE’s rigorous system of internal policies and procedures as well as independent oversight and review.
- Including the Intelligence Commissioner (IC), and review agencies: the National Security and Intelligence Review Agency (NSIRA), and the National Security and Intelligence Committee of Parliamentarians (NSICOP).
Critical Cyber Systems Protection Act (CCSPA)
- CSE is Canada’s national lead for foreign signals intelligence and cyber operations, and the national technical authority for cybersecurity. CSE provides critical foreign intelligence and cyber defence services for the Government of Canada under clear and distinct mandates.
- Protecting information and the privacy of Canadians is an essential part of CSE’s mission. CSE does not direct its foreign signals intelligence activities at Canadians or anyone in Canada.
- Under the Critical Cyber Systems Protection Act (CCSPA), designated operators would be required by regulations to report cyber security incidents that meet or exceed a threshold to the Canadian Centre for Cyber Security (Cyber Centre) within CSE.
- The Cyber Centre will be required under the Act to provide an incident report to the industry regulator, and to the Government of Canada upon request. Generally, information provided in a cyber security incident report will be very technical in nature.
- Information received through mandatory incident reporting would be: safeguarded without disclosing any confidential information; analyzed by the Cyber Centre; and aggregated with other reports and relevant contextualizing information. This information would be used to warn other designated operators of a potential threat or vulnerabilities, and to inform Canadians of cyber security risks and trends.
- The Cyber Centre already has an established working relationship with industry and critical infrastructure operators, who voluntarily report cyber incidents. The CCSPA would allow the Cyber Centre to build on these relationships in a collaborative and more engaged way.
- CSE operates under a robust system of independent oversight. Several external oversight and review bodies make sure CSE’s activities comply with their mandate and legal responsibilities, and CSE is continuously refining its privacy-protection measures, including those associated with disclosure and compliance.