Cyber espionage a ‘ devastating’ threat: former spy
OTTAWA — One of Canada’s most senior intelligence experts warns foreign cyber espionage could undermine everything from our ability to buy food and gas to national prosperity unless government and corporations wake up to the enormity of the threat.
“Cyber is the threat of the ages, and it’s something we’re just not getting our minds around,” Ray Boisvert, former assistant director of intelligence for the Canadian Security Intelligence Service, said in a hard- hitting speech Friday at a security intelligence symposium in Ottawa.
“It’s extremely significant and it’s having a big impact on both public and private sector interests. It is fundamentally undermining our future prosperity as a nation.”
He cited the unprecedented and crippling 2011 cyber attack on Treasury Board and Finance Department computers targeting highly sensitive information on Saskatchewan’s potash industry, as well as allegations that Chinese hackers stole into Nortel Networks Inc.’ s corporate computer network for at least a decade, perhaps contributing to its demise.
Equally menacing, Boisvert said, is the “extreme vulnerability” of the nation’s networkreliant critical infrastructure, comprising 10 indispensable, interconnected sectors, from food and water to public utilities, aviation, public health, banking and telecommunications.
“It’s all about how we get cash out of the machine, how we get gas out of the gas pump; it’s food on the shelves, and one significant cyber attack on a critical infrastructure node will bring calamity upon us,” he said. “We’ll see, as we’re freezing in February wondering why the furnace won’t turn on or why the gas pumps aren’t working, that these are parts of the cyber threat that are real and potentially devastating.”
Yet warnings are being ignored, security investments are being postponed and resources to fight the problem are being deployed elsewhere, such as counter- terrorism, he said.
Comparing the issue to the debate over climate change, he said, “pretending that it’s some sort of inconvenient truth and that it’s not something you particularly want to think about is
It’s all about how we get cash out of the machine, how we get gas out of the gas pump ... and one significant cyber attack on a critical infrastructure node will bring calamity upon us.
RAY BOISVERT
FORMER CSIS OFFICIAL
certainly not the way to move forward.
“There’s some wilful blindness on behalf of individuals,” Boisvert told the gathering of the Canadian Association of Security and Intelligence Studies. “Not acting leaves us vulnerable to a complete loss of our economic and commercial advantages, not to mention our sovereignty. Wishing it away is not an option.”
Part of the resistance comes from the current generation of government and corporate decision makers who are not cyber savvy and have difficulty grasping the technical complexities, the depth of the threat and how to counter something that has no clearly identified bad guys and often no smoking guns.
As well, “government is reluctant to talk about it because it costs a lot to counter effectively.”
Boisvert’s comments follow the recent fall report of federal Auditor General Michael Ferguson, who found federal departments and agencies are slow or loathe to share information to help each other fight cyber- threats, while businesses don’t know they should report hacks to the government, or don’t trust the government to protect sensitive information about security breaches.
Boisvert, who retired from CSIS this year to head I- Sec Integrated Strategies, later told reporters while blame often falls on China, many other nations — “even good friends” — are engaged in online spying against Canada for strategies, financial data, intellectual property, defence and diplomatic information and other valuable secrets.
He said solutions to the issue “are not all that difficult” and include stronger links between government and business, new laws and, perhaps, even military action.