Last week’s alleged penetration of sensitive federal government networks by China-based hackers demonstrates the need for greater communications security in Canada. While the hackers did not steal any crucial secrets, they did gain access to the internal networks of three government departments responsible for the federal budget. It is unclear whether the hackers’ activities were state-sponsored, but if they were, this breach could amount to a 21st-century version of economic espionage. If the hackers had stolen budget secrets, they could have passed them on to investors who would then be able to make bets on the effect that the budget would have on Canadian stocks.
This breach highlights the paramount importance of keeping government communications safe. For the past decade, Canadian national security policy has focused nearly exclusively on counterterrorism. While the capacity of state-sponsored and freelance hackers to infiltrate government networks has significantly increased, it is unclear whether Canada’s capacity to defend itself from these kinds of attacks has increased at anywhere near the same rate. A decade spent focusing on terrorism has come largely at the expense of understanding and responding to other kinds of threats. This breach proves that it is now time to correct this security gap.
According to several reports, human error seems to have been responsible for this breach. Senior officials within the three departments were contacted with offers tailored to their status as “executives” within the government. Using the information provided by the officials who responded to these offers, the hackers accessed their computers remotely and, posing as the executives, sent requests to the department’s support staff for network passwords. With these passwords, they attempted to gain access to secret and top secret budget documents. However, communications security staff detected these infiltrations before the hackers could steal any sensitive information and prevented them from doing so.

Though the successful defence mounted by Canadian security officials should be lauded, it is important to ensure that public servants take steps to prevent these kinds of breaches. Government security staff should require greater use of encryption, randomization, and other techniques that would make it harder for hackers to use any information they obtained. Moreover, they should expand the use of secure communications technology and alter existing technology, especially BlackBerries, to prevent the use of functions, such as instant messaging, which cannot be effectively secured. Such a program would be costly, but it is crucial for keeping key government departments connected yet secure.
The Communications Security Establishment (CSEC), whose staff successfully repelled the attack by Chinese hackers, would coordinate an expanded communications security program. CSEC is responsible for securing government communications and also for gathering intelligence on external threats to Canada’s national security, which it does by intercepting communications in cooperation with sister agencies in Australia, New Zealand, the United Kingdom and the United States. Since the September 11 attacks, its staff has expanded to meet growing intelligence gathering responsibilities. CSEC should be further expanded to meet the federal government’s need for greater communications security coordination.
CSEC is unique among Canadian intelligence and security agencies as it is directly supported by the Canadian military and under the authority of the Minister of National Defence, rather than the Minister of Public Safety. There is a special unit within the Canadian Forces, the Canadian Forces Information Operations Group, which is responsible for providing technical assistance to CSEC. It too should be expanded to provide additional support to CSEC especially in the area of communications security. Eventually, the Canadian government could also consider following the American model by creating a small, flexible “cyber command” to unify the military’s cybersecurity activities.
Within the context of current discussions between the American and Canadian governments on the possibility of more comprehensive security cooperation, our government should also consider whether Canada should cooperate more formally with the United States on cybersecurity. Eventually, this could take the form of adding a cybersecurity dimension to an expanded NORAD partnership, which would see the American and Canadian militaries ensure North American security in the air, at sea, and online. This “cyber-NORAD” would help Canada keep itself safe from this kind of cyberattack and build on decades of close intelligence and military cooperation between Canada and the United States.
While the infiltration attempt revealed last week was unsuccessful, foreign hackers will undoubtedly continue to try to penetrate Canada’s secure government networks. They will surely develop more sophisticated ploys and techniques aimed at stealing key government information. Canada must prepare to meet this threat head on by strengthening security, improving vigilance among public servants, beefing up its civilian and military communications security staff, and better coordinating online defence activities with the United States. Perhaps these changes will take a successful attack on Canada, but hopefully the government will take note now and take the crucial steps to prevent future breaches.