Canada’s research ‘a valuable target’ to foreign spies,
Intelligence agencies warn country’s at risk of state-sponsored hacking
OTTAWA— Canadian health researchers and organizations working on the national response to COVID-19 are facing a heightened risk of state-sponsored hacking and espionage, the country’s intelligence agencies tell the Star.
In a rare joint statement, Canada’s two main intelligence agencies — the Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) — said state-sponsored actors have shifted their focus during the global pandemic and that Canadian intellectual property “represents a valuable target.”
“With regards to the specific threats, the (CSE’s) Cyber Centre has assessed that the COVID-19 pandemic presents an elevated level of risk to the cybersecurity of Canadian health organizations involved in the national response to the COVID -19 pandemic,” wrote Christopher Williams, CSE’s acting director general of public affairs.
Williams also said CSIS “sees an increased risk of foreign interference and espionage due to the extraordinary effort of our businesses and research centres” and that its focus is on “protecting Canadian intellectual property from these threats — and jobs and economic interests with it.”
Neither agency would comment on the details of their operations or identify the states they are concerned about.
The statement comes one day after U.S. law enforcement and intelligence agencies publicly accused China of targeting and compromising U.S. organizations conducting COVID-19-related research.
In a statement Wednesday, the FBI and the Department of Homeland Security said “cyber actors” affiliated with China had been detected “attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments and testing” on the virus.
“The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options,” the two agencies said.
Canadian officials have traditionally been more cautious in naming and shaming the perpetrators of state-sponsored hacking or economic espionage.
But the agencies noted the Canadian intelligence community works closely with Five Eyes partner countries, including the United States.
“We regularly share information with our partners, including the U.S., which has a significant impact on protecting our respective countries’ safety and security,” the statement read. CSE warned companies and other non-government organizations in March that statesponsored hackers might use the global pandemic as an opportunity to compromise systems or steal information.
“These actors may attempt to gain intelligence on COVID-19 response efforts and potential political responses to the crisis or steal ongoing key research towards a vaccine or other medical remedies, or other topics of interest to the threat actor,” the agency wrote in a March 20 notice.
But while nation-states are among the most sophisticated actors in cyberattacks and electronic espionage, CSE noted Thursday that “the bulk of malicious threat activity” during COVID-19 has been “criminal in nature” — in other words, motivated by profit rather than politics.
Still, U.S. authorities have suggested they’ve seen a marked increase in state-sponsored cyber activity since the pandemic began.
John Demers, the U.S. assistant attorney general for national security, told NBC News that “China has long engaged in the theft of biomedical research, and COVID-19 research is the field’s Holy Grail right now.
“While its commercial value is of importance, the geopolitical significance of being the first to develop a treatment or vaccine means the Chinese will try to use every tool — both cyberintrusions and insiders — to get it,” Demers said.