Canadian federal government agencies desperately need to beef up their cybersecurity posture, according to a recent report.
Documents from Public Safety Canada indicate that the country is a prime target for cybercrime, state-sponsored cyberattacks, and lone wolf-type hackers.
Consulting firm Pricewaterhouse Coopers prepared for the federal public safety and emergency organization by which revealed that Canada’s federal information technology systems are ill-equipped to handle potential cyberattacks.
The report said Canadian government budgets, resources, and capabilities “are simply not up to the overall challenge,” according to the Canadian Press.
The report recommended the federal government engage the public sector to help the Ottawa deal with its cybersecurity challenges. For instance, the government can co-operate with small and medium-sized businesses in developing cybersecurity solutions. It also suggested closer collaboration with the U.S. which spends billions of dollars on cybersecurity.
However, the report cautioned that surveillance and information-gathering aimed at countering cyber threats must be balanced with people’s privacy and personal liberties. The report said strict criteria for the use of collected data, as well as sufficient oversight, should be created.
Canada and the United States have traditionally worked together against cyberattackers, according to French Caldwell, chief evangelist at governance, risk, and compliance company MetricStream.
“But no matter how many defensive and preventative measures you put in place, it takes only one successful hack to get access very often to sensitive information,” he said. “The treats can be insider threats, nation-states, or they can be cyber criminals…it can be a very, very tough game to play.”
Caldwell is a former nuclear submariner who wrote the book Artic Leverage, Canadian Sovereignty and Security, which focused on the reasons behind Canada’s submarine program back in the 1990’s. He also helped plan a war game called Digital Pearl Habour for the White House and the U.S. Naval College to determine if it was possible to launch a cyberattack against North America. The findings of Caldwell and 150 other researchers was, yes, it is possible.
He believes leaders should start looking at their cyber strategies. For instance, there is no industry where business processes or business models are not dependent on some form of information or digital technology.Early last year, security vendor FireEye also released a report which warned that Canada and other western nations remain the targets of more than a dozen hacker groups which may or may not have ties with the Chinese government.
“Look at what are our actual cyber national interest and not only protect cyberspace for government and business sectors but also promote the cyber interests of Canada around the world,” said Caldwell.Early last year, security vendor FireEye also released a report which warned that Canada and other western nations remain the targets of more than a dozen hacker groups which may or may not have ties with the Chinese government.
He also lamented that in terms of cyber strategy, “it is often unclear which department is in charge of what.”
Early last year, security vendor FireEye also released a report which warned that Canada and other western nations remain the targets of more than a dozen hacker groups which may or may not have ties with the Chinese government.
FireEye said that between 2013 and May 2016, the company’s customers experiences 262 cyber breaches which have been traced to 72 suspected China-based groups in 26 countries, including Canada. The company did not reveal how many of the incidents involved Canadian firms or government departments.
In the U.S. the country’s top intelligence community officials last week briefed Trump on what they believed to be Russian-backed cyber-snooping activities interfered with the 2016 presidential elections which compiled potentially harmful information to both Republican and Democratic parties.
Part of that briefing information from a non-U.S. intelligence report which indicated Russian operatives had compromising personal and financial information on Trump.
During a press conference on Wednesday, Trump slammed the U.S. intelligence agencies saying “who knows, but maybe the intelligence agencies “were responsible for the document.
Canada’s spy agency has openly said that China and Russia are not intent on stealing national secrets.
In 2014, the Canadian government said Chinese state-sponsored hackers broke into the National Research Council’s computer networks. The attack resulted in the shutdown of the agency’s system.
Back in 2011, the networks of the finance department, Treasury Board, and the Defence Research and Development agency were forced to go of offline in the face of a sustained cyberattack. The breaches were attributed to actors from inside China.
“We are currently engaged in a cyberwar,” said Caldwell. “But unlike in the Cold War where we rarely physically engaged the opposition, were are engaged in cyberwar day-to-day.”