Hackers penetrate Canada’s spy agency
Secrets about the foreign activities of Canada’s spy agency — including the size of its network of foreign stations, the volume of sensitive communications it handles and its deeply antiquated system of information sharing — are revealed in what is purported to be a sensitive government document hacked by Anonymous and released Monday in a vendetta against Canadian authorities.
The government has publicly acknowledged only three foreign stations of the Canadian Security Intelligence Service (CSIS) — in Washington, London and Paris — but a document marked “secret” and purportedly from the Treasury Board of Canada says there are 25 foreign stations, “many of which are located in developing countries and/or unstable environments.”
The stations are staffed by approximately 70 CSIS staff who handle approximately 22,500 messages per year — not including “the high volume of extremely sensitive traffic from the Washington station,” the document says.
“The tools to access and process intelligence information from these foreign stations have not been updated since the Service’s foreign collection activities began in the mid1980s,” it says.
The Post has not been able to independently verify the authenticity of the document, marked with a security classification of “Secret.” Government officials have neither confirmed nor denied it as a legitimate document.
CSIS did not return phone calls Monday.
The Anonymous hackers say the document is one of many it has accessed.
“We are now privy to many of Stephen Harper’s most cherished secrets,” a spokesman said. “We will be releasing stunning secrets at irregular intervals.”
Activists with Anonymous, the global hacktivist group that has pulled shadowy operations from immature pranks to highminded protests, claim the documents were taken during breaches of supposedly secure computers over the past few months.
The CSIS document’s release was accompanied by a video message, in the style Anon activists often use, making other claims of the sort of information it is privy to.
Jeremy Laurin, a spokesman for the Public Safety Minister Steven Blaney, said the government is monitoring the situation closely but could not comment. He did not respond immediately to Monday evening’s release.
The coterie of Anonymous claiming responsibility for the penetration told the Post the document was released in retaliation for the RCMP’s fatal shooting this month of a protester in British Columbia.
The group gave authorities a deadline of Monday at 5 p.m., Pacific time, to arrest the officer who shot James McIntyre and prevent the document’s release.
Anonymous said McIntyre was an Anonymous activist. He appeared to be wearing a Guy Fawkes mask, one adopted by Anonymous as its symbol, while protesting a planned hydroelectric project for B.C.’s Peace River.
The shooting is still under investigation by the Independent Investigations Office of B.C.
When the Anon spokesman was asked if its actions can be compared to those of terrorists, crooks or traitors, he said the group’s members are non-violent with a goal to make society better.
“Disagree with us or our tactics? Show us a better way to get there,” the spokesman said in an interview conducted through encrypted communications.
Ray Boisvert, who worked at CSIS until he retired as the agency’s assistant director of intelligence, said little information about CSIS’s foreign stations has been publicly acknowledged.
“That part of the program has remained confidential,” he said, adding he is still bound by a secrecy order and cannot comment on the accuracy of the information.
CSIS has grown “from a very parochial security service to a global powerhouse” that divides its resources between domestic and foreign activities. “We will engage the threat wherever it emerges,” Boisvert said of CSIS. “To do that you have to start operating abroad.”
He said the foreign stations operate in an environment of secrecy because they face more “hostile players,” diplomatic sensitivities and counter-intelligence operations from other spy agencies.
“When you’re operating outside your own end, your safe zone, you are much more vulnerable to threats,” he said. However, he said the host countries likely know of CSIS’s foreign stations and work with them as partners.
The alleged breach is likely more problematic than the release of the document.
“Think big: Are they still in the network? Without a doubt, that’s their No. 1 priority,” Boisvert said. “And what did they take and what are the risks?”
He said spy agencies are much more aware of the dangers of leaks after the major breaches in the United States by Edward Snowden, a former National Security Agency analyst who leaked classified documents revealing large-scale global surveillance in 2013, and Bradley Manning, the U.S. Army private who leaked thousands of classified military documents to WikiLeaks in 2010.
Roland Paris, research chair in international security and governance at the University of Ottawa, said the purported hack could be significant.
“It seems some serious crimes may have been committed: theft of classified materials and extortion. If indeed this is a sensitive document there has been a serious breach.”
The document describes $20,626,549 in funding needed to extend CSIS’s “secure corporate network environment” to its foreign stations, which was more than $3 million over budget.