CSE Releases 2023 Update On Cyber Threats To Canada’s Democratic Process
OTTAWA: The Canadian Centre for Cyber Security, part of the Communications Security Establishment, has released its Cyber Threats to Canada’s Democratic Process: 2023 Update. This assessment addresses global cyber threat activity targeting elections and the implications for Canada’s democratic process and identifies four global trends:
• Cyber threat activity targeting elections is on the rise worldwide, with over a quarter of national elections affected in 2022. Based on this trend, CSE assesses that cyber threat activity is more likely to happen in Canada’s next federal election than in the past.
• Russia and China continue to conduct most of the attributed cyber threat activity targeting foreign elections.
• Cyber threat actors are getting better at covering their tracks, and most cyber threat activity targeting elections remains unattributed.
• Cyber threat actors are increasingly using generative artificial intelligence (AI) to enhance online disinformation. It’s very likely that foreign adversaries or hacktivists will use generative AI to influence voters ahead of Canada’s next federal election.
CSE is committed to protecting Canadians against any cyber interference. As a member of the Security and Intelligence Threats to Elections (SITE) Task Force, CSE helps monitor and address threats to elections. CSE’s Canadian Centre for Cyber Security (Cyber Centre) works closely with Elections Canada to protect its infrastructure, as well as with major political parties to increase their cyber security awareness. This includes offering briefings, training resources, consultations and cyber security services.
The Cyber Centre’s ongoing relationship with Elections Canada includes monitoring services to detect cyber threats, working with them to secure their computer networks, and incident response assistance, if necessary. CSE assesses that it is unlikely that sensitive information held by Elections Canada will be compromised by cyber threat actors and unlikely that cyber activity will disrupt voting infrastructure in a national election.
When a federal election is called, the Cyber Centre is ready to stand up a dedicated hotline for federal political parties offering 24/7 cyber security support.
In addition, outside of election periods, the Cyber Centre has a dedicated point of contact political parties can reach out to on cyber security matters.
“As this report shows, adversaries are seeking to manipulate our democratic process, but that doesn’t mean we’re powerless to stop them. Our democracy is as strong as we make it. From policy makers and elections authorities to political parties and voters, we all have a role to play in defending Canada from threats to our democratic process, said Caroline Xavier, Chief, Communications Security Establishment.
“This latest assessment shows the growing impact of emerging technologies, like generative AI, as foreign adversaries look for new ways to target elections and influence voters. While CSE and its Cyber Centre play a critical role in protecting Canada and safeguarding our democracy, it’s not a task we can do alone. We will continue to work with our partners to identify and mitigate these threats and ensure the integrity of our elections," said Sami Khoury, Head, Canadian Centre for Cyber Security.
• This is the fourth public report by CSE on cyber threats to Canada’s democratic process.
• The worldwide proportion of elections targeted by cyber threat activity increased from 23% in 2021 to 26% in 2022.
• In 2022, 85% of cyber threat activity targeting elections was unattributed, meaning it could not be credited to a particular state sponsored actor.
• In 2022, cyber threat activity aimed at influencing voters was 7 times more common than activity targeting election infrastructure.
• CSE helps to protect Canada’s democratic process by:
~ providing foreign signals intelligence to Government of Canada decision makers about the intentions, capabilities and activities of threat actors
~ defending Canada’s federal elections infrastructure from malicious cyber activity
~ proactively helping democratic institutions improve their cyber security
~ sharing unclassified threat assessments with the public
~ sharing information to help Canadians identify disinformation.