Expert says Canada is a ‘natural target’ for new cyberattacks
Canada is an attractive target for malicious cyber operations and is often one of the first countries criminals and hostile nations target with new methods, a cyber security expert and former CIA analyst told a House of Commons committee Wednesday.
The country is also a “natural target for politically motivated retaliation from a number of actors worldwide,” Christopher Porter said as part of his testimony at the House public safety and national security committee.
That means Canada may also be preparing for retaliatory cyberattacks as it enters the third month of a diplomatic fracas with China over the extradition to the United States of an executive from the telecom company Huawei.
Porter wouldn’t comment specifically on the diplomatic feud with China, but did say that countries will “absolutely” be using cyber operations as a part of their broader diplomatic strategy. “The attraction of cyber to policy-makers around the world is that it’s a tool you can use to gather information and influence events," said Porter in an interview with National Post before the committee hearing. He compared it to how sanctions have conventionally been used by countries to punish or cajole other nations in a way that’s more low-key than military action. Cyber operations have shifted from spying operations, where the goal was to quietly collect information, to military operations that aim to cause “serious disruption,” Porter said.
“The status quo today is that civilians are generally the first targets of state-on-state cyber combat. “This proliferation of cutting-edge offensive cyber power, combined with an increased willingness to use it with minimal blowback and spiralling distrust, has set the stage for more disruptive and destabilizing cyber events, possibly in the near future,” he said.
On top of that, organized crime operations are quickly becoming as sophisticated as nation-state operations and are directly targeting individuals.
Porter, the chief intelligence strategist at FireEye cybersecurity firm, was testifying for the committee’s study on cybersecurity in the financial sector as a national economic security issue. Before working at FireEye, Porter was an analyst at the Central Intelligence Agency for nine years and was tasked with briefing president Barack Obama’s national security council staff on cybersecurity. He stressed to the committee that it shouldn’t focus too narrowly on “critical infrastructure,” which was a mistake made in the United States.
“If you make a list of critical industry you’re going to defend, then that means you’re leaving other industry and everyday citizens vulnerable,” said Porter. “It would be important to acknowledge in principle that defending all Canadians and businesses is a priority for the government, as opposed to picking a few winners and losers in critical industries.” In the U.S, for example, authorities were fixated on securing election systems like voting machines and instead saw a major disruption caused by a simple email hack on high-ranking Democrat John Podesta, which led to months of embarrassing media stories sourced from private emails. Canada’s banks, in particular, have found themselves in the crosshairs of cybercriminals. A cybertheft operation that went live in 2016 and that was eventually traced to North Korea targeted several Canadian banks. Attacks on banks can have a direct effect on Canadians and FireEye says it routinely discovers underground operations selling thousands of stolen Canadian credit cards, from bigname institutions and smaller credit unions.
A recent malware campaign called Trickbot, which used hacked wireless routers to control a virus that steals money from banks and Bitcoin wallets, targeted a Canadian bank as one of its first five victims.
A more recent campaign called PandaBot targeted 15 Canadian banks. Porter said governments need to be ready to assist financial institutions in battling these cyber operations. A bank vault can keep out the average criminal, but wouldn’t stand a chance against military weaponry and, in the same way, governments can’t assume that corporate computer systems can stand up to state-sponsored attacks.
“If you practise good cyber hygiene it’ll eliminate 95 per cent of the threats you face,” Porter said. “But there is a point where only a military can counter another military operation.”