Agency warns Canada at risk of cyber attacks
OTTAWA–Canada’s cyber defence agency says adversarial states are very likely developing ways to disrupt the country’s power grids.
In a report released Wednesday, the Communications Security Establishment (CSE) said other countries are unlikely to intentionally disrupt Canada’s critical infrastructure, such as electrical grids, in the absence of outright hostilities.
But the spy agency said adversarial countries are persistently probing critical infrastructure networks, either to “preposition” themselves for future attacks or as a form of intimidation.
“We judge that state-sponsored actors are very likely attempting to develop the additional cyber capabilities required to disrupt the supply of electricity in Canada,” the agency’s 2020 threat assessment says. The CSE did not link those activities to specific countries. But elsewhere in the report it lists China, Russia, Iran and North Korea as the “greatest strategic threats” to Canada’s Cyber Security.
“In 2019, Russia-associated actors probed the networks of electricity utilities in the U.S. and Canada. Iranian hacking groups have targeted (industrial control systems) in rival nations … North Korean malware has been found in the IT networks of Indian power plants, and U.S. utility employees have been targeted by Chinese statesponsored cyber threat actors,” the agency reported, citing publicly reported examples.
Scott Jones, the head of the CSE’s Canadian Centre for Cyber Security, said the interconnected electrical infrastructure of North America is “one of the largest machines in the world.” That makes it complicated to prevent failures even from natural events like ice storms.
But as more and more “operational technology” used to control critical infrastructure migrates online, that opens up avenues for cyber attacks.
As with its first public threat assessment in 2018, the agency concluded that individual Canadians are much more likely to be targeted by lower-level cyber criminals than by statesponsored activities.
It said they will almost certainly continue to be exposed to email scams and ransomware attacks over the next two years.
But the agency’s report noted that state-backed cyber activity is both more sophisticated and has the potential to do more damage to public and private organizations.
The CSE, among other intelligence and government departments, was tasked with guarding the 2019 federal election against foreign interference along the lines of Russianbacked activities seen in the 2016 U.S. presidential election.
Wednesday’s report suggested that foreign interference and influence campaigns are the “new normal” and will persist even outside an election period to try and shape Canadian opinion on key issues.
“We assess that, relative to some other countries, Canadians are lower-priority targets for online influence activity,” the report said. “However, Canada’s media ecosystem is closely intertwined with that of the United States and other allies, which means that when their populations are targeted, Canadians become exposed to online influence as a type of collateral damage.”