Worry about yourself when it comes to cybersecurity, says federal security official

Click to play video: 'Cybercrime is the biggest threat online: Communications Security Establishment'
Cybercrime is the biggest threat online: Communications Security Establishment
WATCH: Scott Jones, Assistant Deputy Minister at the Communications Security Establishment and the person in charge of government cyber security joins Vassy Kapelos for his first television interview to discuss the threat of cybercrime against citizens and how that may undermine confidence in the way we do business. – Feb 26, 2017

Russian hackers interfered with the U.S. presidential election, and Prime Minister Justin Trudeau has tasked a cabinet minister with ensuring nothing similar happens in Canada – but it’s not governments who should be most concerned about security online, it’s individuals, says Scott Jones, who is tasked with defending the federal government’s networks.

“When you look at cybercrime, it’s the huge impact that’s going to hit you and me,” said Jones, the assistant deputy minister at the Communications Security Establishment.

“And if I look at what’s the biggest threat online, it’s actually the growth of cybercrime. [It’s] the use of those tools that will undermine our confidence in this environment in general.”

If the public’s trust in the cyber world is damaged enough, Jones said, society will feel a desire to revert to behaviours predating the online world.

Story continues below advertisement

WATCH: Border, cyber security part of Trump plan to thwart homegrown terrorism

Click to play video: 'Border, cyber security part of Trump plan to thwart homegrown terrorism'
Border, cyber security part of Trump plan to thwart homegrown terrorism

“If that undermines our confidence, then we move back to bricks-and-mortar shopping and a paper-based bureaucracy,” he said. “I don’t think that’s going to work.”

In essence, he said, while the security of the government’s information is pivotal, it’s not the only thing with which cybersecurity experts are concerning themselves.

“It’s about everything,” Jones said.

Forsaking privacy for ease

The security considerations individuals ought to take mirror those at the enterprise and government levels, Jones said in an interview on The West Block.

For example, the CSE has a “Top 10 Security Actions” list it published to help protect government information.

Story continues below advertisement
“Those are things … we can apply all the way from individual persons, citizens in the country, up to the largest enterprises like the government,” Jones said. “Those are [actions] you can take that actually make you a little bit safer online.”

READ MORE: U.S. defence chief says ‘very little doubt’ Russia interfered with US election

Often, a person might connect networks or opt to skip a sign-in because it’s simpler or faster. “When you have the option of weakening security to make it easier, think about that,” he said.

Other tips Jones offered include uninstalling software no longer in use, updating software and ensuring operating systems are up to date.

Will Canada’s election be compromised?

On the national scale, CSE is tasked with supporting Democratic Institutions Minister Karina Gould in her new mandate to help defend the Canadian political system against cyber threats and hackers.

Jones said his role will helping shed light on how the government can maintain the integrity of the vote and assure Canadian elections continue to be open, transparent and free of interference.

READ MORE: U.S. defence chief says ‘very little doubt’ Russia interfered with U.S. election

While acknowledging there are always vulnerabilities online, Jones said Canada is “very robust” in terms of the democratic process.

Story continues below advertisement

“We’ve got a pretty savvy citizenry,” he said. “Really, this is about building that knowledge and not being caught unprepared.”

In terms of the big question – could what happened in the U.S. election happen in Canada? – Jones demurred.

“Well, it’s a different environment,” he said. “Cyber is a good means to get information that you could use to shape opinion, to change people’s minds … I think cyber is just a new means of doing something that’s been existing a long time.

100 million malicious attacks daily

Every day, the Communications Security Establishment blocks more than 100 million – some days more than one billion – malicious cyber “actions,” Jones said.

An “action” is not necessarily an attack, he said; an action is usually someone looking for vulnerabilities in the system, trying to poke holes and probing to see where any weaknesses might be.

Those daily occurrences come from everywhere – from states to “enthusiasts,” Jones said.

WATCH: Israeli PM Netanyahu to discuss cyber security with Donald Trump 

Click to play video: 'Israeli PM Netanyahu to discuss cyber security with Donald Trump'
Israeli PM Netanyahu to discuss cyber security with Donald Trump

At the same time, however, CSE looks for anything within the federal cyber system capable of being exploited, such as software vulnerabilities – anything that could allow a state or individual to “open that door and get into our systems,” he said.

Story continues below advertisement

READ MORE: Canadian infrastructure sector made aware of potential effects of ‘insider’ cyberthreats

So while 100 million or even a billion potential attacks might seem like an enormous number, Jones said the threat only becomes big if he and his colleagues stop adapting.

“We have to be investing and paying attention to this because, as technology grows and becomes more pervasive in our lives, we’re starting to see that everything has some sort of cyber element to it,” he said.

“If we choose to ignore it and just continue to adopt technology and not think about how to secure it, and how to protect ourselves, it will become a really big problem.”

Sponsored content