Foreign Cyber Operations
CSE is authorized to conduct foreign cyber operations—both defensive cyber operations and active cyber operations. These provide the Government of Canada with important tools to help protect Canadians and Canada’s interests.
Defensive Cyber Operations
Defensive Cyber Operations allow CSE to actively defend Canada against foreign cyber threats by taking action online. This means proactively stopping or impeding foreign cyber threats before they reach our systems. This authority can be used to defend Government of Canada systems, as well as systems designated by the Minister of National Defence as being of importance to the Government of Canada.
What does this mean? Under a Defensive Cyber Operations Authorization, CSE could disable a foreign server used by cyber actors attempting to steal information about Canadians from a Government of Canada network, or to disrupt elections infrastructure.
Active Cyber Operations
Active Cyber Operations allow the government to use CSE’s online capabilities to, according to the CSE Act, “degrade, disrupt, influence, respond to or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security”.
What does this mean? Under an Active Cyber Operations Authorization, CSE could use its capabilities to disable communications devices used by a foreign terrorist network to communicate or plan attacks.
Defensive and Active Cyber Operations are done within strict legal parameters. Operations must only target foreign actors outside of Canada, and can only be done with the Authorization of the Minister of National Defence. In the case of Active Cyber Operations, the Minister of Foreign Affairs must also consent, and in the case of
Defensive Cyber Operations, must be consulted. The CSE Act sets out additional conditions for these Authorizations, including that activities must not cause death or bodily harm to an individual, or willfully attempt to obstruct, pervert or defeat the course of justice or democracy.
Like all of CSE’s activities, these operations are subject to review by the National Security and Intelligence Review Agency and the National Security and Intelligence Committee of Parliamentarians.