The 2019 federal election will “very likely” be targeted by cyber-activists, hackers and other online threats, a new report suggests, and the effort to defend against them has already started.
Officials with the Communications Security Establishment (CSE) released the report — titled Cyber Threats to Canada’s Democratic Process — on Friday in Ottawa, and provided an overview of the type and severity of potential threats facing the country.
The last federal vote, held in 2015, was targeted by what officials described as “low sophistication” cyber attacks and — as of this month — there is absolutely no evidence that the final results were influenced.
There is also no evidence that nation states, which CSE describes as “the most capable adversaries,” have attempted to sway the Canadian political process.
How, and if, we are targeted by those more advanced cyber foes will depend on “how Canada’s nation state adversaries perceive Canada’s foreign and domestic policies, and on the spectrum of policies espoused by Canadian federal candidates in 2019,” the report notes.
WATCH: Defence minister prioritizes cyber warfare in new defence policy
CSE reported that 13 per cent of countries that held elections in 2017 have already been subject to cyber threats or targeting.
“Over the last five years, there has been an upward trend in the amount of cyber-threat activity against democratic processes globally,” the report notes.
In the United States, there have been accusations that targeted hacking and online media influence by the Russian government influenced the ultimate result and helped propel Donald Trump into office. Trump’s administration has vehemently denied those claims.
Next Tuesday, CSE officials will begin providing advice and guidance to all Canadian federal parties in an effort to better prevent and defend against all cyber threats during the next election.
Elections Canada is responsible for ensuring the security of its own IT systems during a campaign and vote, but works in partnership with the CSE.
“We are beginning to brief political parties,” said one CSE official. “We can take action now to increase our resiliency … We’ll continue that engagement.”
The report released Friday was drawn up at the request of Minister of Democratic Institutions Karina Gould, as part of her ministerial mandate letter.
The information sessions next week are not mandatory, the minister confirmed, but all registered parties have been invited.
“It’s a start,” Gould said.
CSE identified three major areas of vulnerability when it comes to the democratic process in Canada.
The first is elections themselves, at all three levels of government. Hackers could modify, suppress or otherwise tamper with online voter registration, for example, which is conducted digitally at all levels of government in Canada. Voting machines can also be tampered with, and e-voting (done in some municipal jurisdictions) opens the process up to even more threats.
After the vote, the count can be affected by cyber attacks at provincial or municipal levels, which rely on digital systems. Federally, Elections Canada still relies solely on paper counts.
Politicians and parties are the second, and potentially more vulnerable, target. Cyber campaigns can target candidates for blackmail, or discredit them, for instance. Parties can have their systems hacked, their voter lists stolen or their websites hobbled.
The final target category is the media. In this area, CSE officials said, it’s more about affecting the message or discrediting the outlet. Social media can be used to manipulate perceptions, or make it seem like a view is held by more people than it actually is.
Journalists themselves can be subject to online harassment or threats that attempt to influence their reporting.