Canada’s government is facing cyberattacks by hostile foreign actors “hourly” as attacks on private businesses increase, the head of Canada’s cybersecurity agency says, highlighting the importance of critical industries and Canadians to educate and protect themselves.
Sami Khoury of the Canadian Centre for Cyber Security — part of the Canadian Security Establishment (CSE) intelligence agency — says efforts are ongoing to put those protections in place and partner with corporations to act in kind. But he warns Russia and Russian-aligned hackers in particular are also ramping up efforts to disrupt critical infrastructure.
“On an average day we block between five and six billion signals coming against the government,” Khoudry told Mercedes Stephenson in a rare interview that aired Sunday on The West Block.
“These are automated systems that are looking for vulnerabilities. Having said that, we hear about incidents in the private sector constantly.”
The warning comes after the CSE issued a threat assessment last week that Russian-aligned hackers may seek to disrupt Canada’s oil and natural gas sector, especially since Ottawa is a strong backer of Ukraine.
The assessment said Russia had repeatedly deployed destructive cyberattacks against its adversaries as geopolitical crises escalate and expect those attacks to continue. It warned not only that Canada’s oil and gas infrastructure presents a number of vulnerable targets, but could also be impacted by an attack on U.S. assets “due to cross-border integration.”
“We assess that the intent of this activity is very likely to disrupt critical services for psychological impact, ultimately to weaken Canadian support for Ukraine,” it said.
The CSE has briefed energy company CEOs on the threat and provided guidance on strengthening protections, the agency said.
A disruptive cyberattack on the energy sector would be catastrophic, Khoury said, impacting other critical industries — including financial systems, transportation and government — that rely on oil and gas for heating, electricity and other essential needs.
“The threat is real and it’s ever present,” he said. “And it’s important that everybody get sensitized to building resilience (within) companies, because a lot of these companies we rely on for our daily lives.”
Khoury said the 2021 ransomware attack on the Colonial Pipeline in the United States serves as a case study for Canada to learn from. The attack, linked to a Russian hacking group, crippled the pipeline that carries oil between Texas and New York and led to a spike in gas prices across the U.S.
Although the impact on gas prices in Canada was negligible, Khoury warned such ransomware attacks are rising and could become more severe, making it crucial for energy companies to protect themselves.
Cyberattacks on the energy sector can also include the theft of sensitive information that could benefit a hostile foreign actor like Russia, he added.
“We have to recognize that Russia is a sophisticated cyber adversary,” he said, pointing to the 2015 and 2016 hacks that brought down Ukraine’s power grid, as well as cyberattacks launched during the current invasion.
“They have the capability and our role is to stay on top of these things, to see what’s happening around the world, to use our intelligence operations in partnership with some of our closest allies to pick up those signals and warn Canadians about them.”
Legislation introduced in Parliament last year, Bill C-26, would compel private companies deemed to be part of critical industries to protect themselves from cyberattacks and face government penalties if they don’t keep those cybersecurity measures updated. The bill has passed second reading in the House of Commons but has yet to be debated at the standing committee on public safety and national security.
Khoury said the Cyber Centre has successfully worked with the private sector for years to provide education and advice, and those companies are recognizing the growing threat.
“They are investing and making themselves more resilient to cyber threats,” he said.
“We’re supporting them, we’re partnering with them, and we have not sensed any reluctance to partner with us or work with us on moving cyber resilience forward.”
Canadians can take their own steps to ensure they aren’t exposed to cyberattacks or information theft, Khoury said. Most crucially, he said declining smartphone or computer apps to access information within other apps is a smart step to take.
“Many of the apps ask for access to the contact list, to the calendar, to your geo-coordinates, where you are,” he said. “You ask yourself the question, ‘why do they need that information?'”
Concerns over apps like TikTok that could access information will ultimately be a personal decision, he added, even for private companies — despite the government banning the video app earlier this year.
Comments