星空传媒

OTTAWA -- Canada鈥檚 top cybersecurity agency has named China, Russia, Iran, and North Korea鈥檚 state-sponsored cyber activity as posing the 鈥済reatest strategic threats鈥� to Canada鈥檚 critical infrastructure, intellectual property, and political events like elections.

In , the Canadian Centre for Cyber Security within the Communications Security Establishment warns that state-sponsored cyber activity is the most sophisticated and actors are 鈥渧ery likely鈥� attempting to develop capabilities to disrupt critical systems; will 鈥渁lmost certainly鈥� continue conducting commercial espionage against Canadian governments, businesses, and organizations; and are keeping up ongoing online foreign influence campaigns aimed at altering discourse around current events to divide Canadians.

鈥淭he most sophisticated capabilities belong to state sponsored cyber threat actors who are motivated by economic, ideological, and geopolitical goals. Their activities include cyber espionage, intellectual property theft, online influence operations, and disruptive cyber attacks,鈥� states the report.

• Capital Dispatch: Stay up to date on the latest news from Parliament Hill

鈥淲e assess that almost certainly the state-sponsored programs of China, Russia, Iran, and North Korea pose the greatest state-sponsored cyber threats to Canadian individuals and organizations. However, many other states are rapidly developing their own cyber programs, benefiting from various legal and illegal markets to purchase cyber products and services,鈥� it continues.

The report is a reminder that Canada can鈥檛 let its guard down, said National Defence Minister Harjit Sajjan in the foreword of the report.

鈥淔oreign state-sponsored cyber programs are probing our critical infrastructure for vulnerabilities. Foreign efforts to influence public discourse through social media have become the 鈥榥ew normal.鈥� More than that, the internet is at a crossroads, with countries like China and Russia pushing to change the way it is governed, to turn it into a tool for censorship, surveillance, and state control,鈥� Sajjan wrote.

The report is an update to the 2018 version, and offers forecasts on the threat environment through to 2022. The agency cautions that the threat assessment does not include an exhaustive list of activity, but is based on classified and unclassified sources available up to Oct. 20.

鈥淲hen we call actors out, and specifically into sectors, we see the sector respond quite rapidly to the threat,鈥� said Scott Jones, the head of the Canadian Centre for Cyber Security, during a teleconference discussing the new report. He cited the decision the agency took in July to allege alongside the United Kingdom that Russia tried to steal information and intellectual property from researchers working on a COVID-19 vaccine.

THREAT TO ELECTRICAL GRID?

The 2020 threat assessment warns about cyber actors targeting organizations responsible for essential services like utilities and health care by going after their Industrial Control Systems (ICS).

Given more and more aspects of infrastructure are being connected to the internet, the risk of the software becoming vulnerable to cyber attacks is increasing.

One specific area the report delves into is the threat to Canada鈥檚 electricity grid, where it鈥檚 anticipated state actors are trying to develop capacities needed to disrupt Canada鈥檚 electricity supply.

A recent example of countries getting into this kind of behaviour include when Russian-associated actors 鈥減robed the networks of electricity utilities in the U.S. and Canada鈥� in 2019. As well, the report cites U.S. utility employees being targeted by China; Iranian hacking groups targeting control system infrastructure in rival nations like Israel, and North Korean malware being found in the IT networks of India鈥檚 power plants.

鈥淲e assess that cybercriminals will very likely increase their targeting of ICS in the next two years in an attempt to place increased pressure on critical infrastructure and heavy industry victims to promptly accede to ransom demands,鈥� reads the report.

While the report says the reality of an attack like this remains 鈥渧ery unlikely,鈥� it could cause major damage and interruptions to wide swaths of the country.

鈥淲hat you could see is shutting off of transmission lines, you could see them opening circuit breakers 鈥� meaning electricity simply won't flow to our homes, to our businesses, to other pieces of Canada's critical infrastructure鈥� We want to get ahead of this trend and make sure that we're getting ahead of it before you see those implications happening in critical infrastructure that could affect large numbers of people at the same time,鈥� Jones said.

鈥淲e鈥檙e not trying to scare people, we鈥檙e certainly not trying to scare people into going off grid by building a cabin in the woods, etc. We鈥檙e here to say 鈥榣et鈥檚 tackle these now while they鈥檙e still paper, while they鈥檙e still a threat that we鈥檙e writing down鈥� before it鈥檚 a threat that can become real in the future,鈥� he said, adding that work is underway to raise the awareness in the energy sector about these threats.

ONLINE INFLUENCE CAMPAIGNS

The cyber centre鈥檚 threat assessment also notes that 鈥渁 number of states鈥� have deployed online influence campaigns 鈥渁s part of their daily business鈥� in an effort to change civil discourse, policymakers' decisions, and the reputations of politicians.

鈥淭hey try to delegitimize the concept of democracy and other values such as human rights and liberty鈥� They also try to exacerbate existing friction in democratic societies around various divisive social, political, and economic issues,鈥� reads the report.

While usually these efforts increase around elections, the agency says it鈥檚 seeing the campaigns have broadened out since 2018 to target trending stories and popular political issues.

鈥淚t happens every day now. This is something where it鈥檚 just constant misuse or misinformation on the internet. And this is where we鈥檙e saying, 鈥楲ook we need to start turning to authoritative sources,鈥欌�� Jones said in an interview on CTV鈥檚 Power Play.

In Canada, this has included Russian and Iranian efforts to sway minds related to terrorism and the 2017 Quebec City mosque shooting, the Trans Mountain pipeline construction, domestic policies on immigration and refugees, and climate change.

More recently, attempts to influence Canadians have been seen in relation to COVID-19 and government responses to the pandemic.

Going forward, the report notes that Canada鈥檚 position on 鈥渉igh-tension geopolitical issues鈥� could elevate the threat.

The report also states that relative to other countries, Canadians are lower-priority targets for online foreign influence, but because our 鈥渕edia ecosystem is closely intertwined with that of the United States and other allies,鈥� when our neighbour is targeted, Canadians become exposed to the online influence.

Jones said that Canada has been sharing information about what it鈥檚 seeing when Canadians or domestic institutions are caught up in online interference efforts.

CYBERCRIME DURING COVID-19

In addition to digging into the foreign state actor threat, the report highlights the uptick in online threats to Canadians and national institutions posed by fraudsters and other bad actors, in the face of the COVID-19 that are preying on the fears and anxieties that many people are experiencing during the pandemic, as well as the heightened use of online tools to work from home and stay connected others.

• Canada's cybersecurity agency warns of online threats that exploit COVID-19 fears

The CSE stated that cybercrime remains the greatest direct threat to Canadians and Canadian organizations, many of which are not doing enough to protect their passwords, software, and increasing cadre of digital devices from hacks or other attacks.

鈥淐ybersecurity is a team sport, and as any hockey coach will tell you, to mount an effective defence you need to know what you鈥檙e up against,鈥� Jones said.