Advertisement

Canadian infrastructure sector made aware of potential effects of ‘insider’ cyberthreats

Click to play video: 'Public safety minister discusses plan about how Canadians can participate on national security'
Public safety minister discusses plan about how Canadians can participate on national security
WATCH ABOVE: Public Safety Minister Ralph Goodale announced on Thursday that every Canadian can now participate in an broad online consultation regarding national security until Dec. 1, 2016 – Sep 8, 2016

OTTAWA – Federal officials have quietly warned operators of electrical grids, transportation hubs and other key infrastructure of the cyberthreat from insiders who could unleash devastating viruses and cripple systems, internal government notes reveal.

Crucial networks that Canadians rely on for everyday needs face a “substantial threat” from rogue employees out to wreak digital havoc, warn the Public Safety Canada briefing notes.

“The insider threat is difficult to detect and can cause real damage.”

No special hacking skills are required, just a portable memory key loaded with a malicious code. As a result, it is important that organizations have the right security protocols and procedures, “for example by limiting access to systems only to those who genuinely need it.”

A federal briefing on the insider threat was delivered last December to leaders of the 10 most crucial infrastructure sectors, the notes say.

Story continues below advertisement

READ MORE: Alberta Energy weighing oilpatch cyberthreats

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.

Get breaking National news

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

They point out that over 90 per cent of critical infrastructure – key to delivering everything from food and clean water to banking and health services – is controlled by the private sector and all of it is dependent in one way or another on information technology to operate. Many critical infrastructure sectors are interdependent, meaning a problem in one could have a “cascading impact” in others.

The notes, prepared earlier this year for Monik Beauregard, a senior assistant deputy minister at Public Safety Canada, were obtained by The Canadian Press under the Access to Information Act.

READ MORE: Average cost of data breach in Canada is $6.03M: study

Beauregard is chairing a panel today on the global implications of the challenges to cybersecurity at an intelligence conference in Ottawa.

In addition, Greta Bossenmaier, the head of Canada’s electronic spy agency, the Communications Security Establishment, plans to discuss the various cyberchallenges the country faces.

The conference comes as the Liberal government undertakes a cybersecurity consultation that runs through mid-October. The overall aim is to identify gaps and opportunities, bring forward ideas to shape a renewed approach and capitalize on the advantages of new technology.

READ MORE: US cybersecurity bill would add more secrecy for tech companies

State-sponsored hackers, sophisticated criminals, cause-motivated hacktivists and people out to make mischief online all pose a threat, the government warns.

Story continues below advertisement

Public Safety is already working with critical infrastructure operators to prepare for the possibility of a major cyberattack on the Canadian electrical grid and telecommunications systems, the internal notes say.

Security officials call such an occurrence a “black swan” – a rare but devastating event that requires special attention due to the potential for massive losses should it happen.

Sponsored content

AdChoices