Significant gaps, data at risk in government systems, says security committee

The committee of MPs and senators which oversees federal security policy has uncovered gaps in Canada’s cyberdefences that could leave many agencies vulnerable to state-sponsored hackers from countries like China and Russia.

In a new report, the National Security and Intelligence Committee of Parliamentarians says cyberthreats to government systems and networks are a significant risk to Canada’s security and government operations.

It points to Beijing and Moscow as the most sophisticated cyberthreat actors targeting the government, while Iran and North Korea have moderately advanced capabilities and pose less of a danger.

The committee says although nation states represent the most highly developed threats, any player with malicious intent and sophisticated capabilities puts the government’s data and the integrity of its electronic infrastructure at risk.

The report concludes the federal government has built a strong cyberdefence system to counter this threat over the last decade.

However, it is weakened by the inconsistent application of policies and use of cyberdefence services across government.

The report, tabled in Parliament late Monday, is a redacted version of a classified document submitted to Prime Minister Justin Trudeau last August.

Governments are highly attractive targets for cyberattacks, the report says.

“The federal government holds enormous amounts of data about Canadians, Canadian businesses and innovative sectors such as universities and research institutes. Cyber compromises of this data could reveal sensitive personal information of Canadians and sap the vitality of individual companies and of the economy.”

The government also manages foreign, trade and security relations through electronic infrastructures that, if compromised, could damage federal policies and undermine Canada’s vital interests, the report adds.

It provides new details about the sweeping nature of an early attack by a Chinese state-sponsored attacker that served as a “wake-up call” for the federal government.

Between August 2010 and August 2011, China targeted 31 departments, with eight suffering severe compromises. Information losses were considerable, including email communications of senior government officials and mass theft of information from several departments, such as briefing notes, strategy documents, secret material, and password and file system data.

The report also reveals new information about a debilitating 2014 attack on the National Research Council, saying a Chinese state-sponsored actor used its access to the network to steal more than 40,000 files.

“The theft included intellectual property and advanced research and proprietary business information from NRC’s partners. China also leveraged its access to the NRC network to infiltrate a number of government organizations.”

It cost more than $100 million to deal with the problem.

Three organizations, the Treasury Board of Canada Secretariat, Shared Services Canada and the Communications Security Establishment, work closely together — and with other government departments — on federal cyberdefences, the report says.

Ideally under the system, government networks fall within a single electronic perimeter with a handful of access points to the internet that are monitored by sophisticated sensors capable of detecting and blocking known threats.

Departments should continually update and patch their devices and systems under the co-ordinated direction, advice and guidance of the three organizations, the report adds.

However, the current cyberdefence system “has not yet achieved this ideal.”

The key weaknesses include:

Treasury Board policies relevant to cyberdefence are not applied equally to departments and agencies, creating gaps in protecting government networks from cyberattack;

Crown corporations are known targets of state actors, but are not subject to Treasury Board cyber-related directives or policies and are not obligated to obtain cyberdefence services from the government, placing their data at risk; and

Cyberdefence services are provided inconsistently, meaning, for instance, many agencies do not benefit from Shared Services Canada’s full complement of assistance.

“The threat posed by these gaps is clear,” the report says. “The data of organizations not protected by the government cyber defence framework is at significant risk.”

Moreover, unprotected organizations potentially act “as a weak link” in the government’s defences by maintaining electronic connectivity to organizations within the cyberdefence framework, creating risks for the government as a whole.

In responses included in the report, the government agreed with the committee’s various recommendations to address the deficiencies.
